NEWSPAPER  ■  $5.00 


Free  DNS:  Too  good  to  be  true? 

OpenDNS,  NeuStar  give  away  services  they  say  are  faster 
and  more  reliable  than  ISP  offerings,  but  buyers  worry 
there’s  a  catch.  Page  20. 


Red  Hat,  red  hot 

Red  Hat  CEO  Jim  Whitehurst  wants  to  grow  the  open 
source  company  into  a  billion  dollar  juggernaut  supply¬ 
ing  data  center  infrastructure  software.  Page  10. 


■I  IBM  SVP 
a  Steve 
j||pj  Mills  on 
J  Big  Blue's 
PM®  budding 
^  partner¬ 
ship  with  Google, 
new  opportunities  in 
China,  and  the  pros 
and  cons  of  having  a 
diversified  software 
portfolio.  Page  22. 


Those  cut  cables? 

Not  likely  sabotage, 
says  Johna Till 
Johnson,  and  here’s 
what  you  need  to 
know  about  such 
risks.Page  33. 

Tech  valentines 
from  hell 

Columnist 
Howard 
Anderson 
reveals 
valentines  sent  from 
the  likes  of  Steve 
Ballmer,  Larry  Ellison 
and  others.  Page  34. 

Lofty  ambitions 

Enterasys  CEO  Mike 
Fabiaschi  wants  to 
build  a  billion-dollar 
revenue  stream 
through  '08  acquisi¬ 
tions.  It's  a  tall  order. 
Page  48. 


Microsoft, 
Nortel  tout 
benefits  of 
their  union 

BY  JIM  DUFFY 

Even  though  they  fleshed  out 
their  joint  strategy  on  the  stage  of 
“Saturday  Night  Live”  a  year  ago, 
Nortel  and  Microsoft  have  shown 
since  that  their  unified  commu¬ 
nications  partnership  is  no  joke. 

Indeed,  they  appear  to  be  mak¬ 
ing  significant  progress  in  their 
Innovative  Communications  Alli¬ 
ance  (ICA).  The  companies  say 
they  have: 

•  Lined  up  500  joint  ICA  cus¬ 
tomers,  an  increase  from  300  last 
fall. 

•  Opened  two  collaboration 
centers  in  Raleigh,  N.C.,  and 
Maidenhead,  England,  which 
1,100  customers  have  visited. 

•  Built  16  Microsoft  technology 
centers  in  the  last  year  equipped 
with  live  ICA  demonstrations. 

•  Established  150  ICA  demon¬ 
stration  centers  around  the 
world  —  more  than  seven  times 
as  many  as  they  had  a  year  ago. 

•  Seen  ICA  recognized  by  mar¬ 
ket  tracker  Gartner  as  a  unified 
communications  leader  in  its 
Magic  Quadrant  grid  of  vendor 
and  product  positioning. 

The  companies  formed  ICA  18 
months  ago  to  develop  products 
See  ICA,  page  26 
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Attacking  e-mail  fraud 

DKIM  standard  attracts  Cisco,  Google  and  PayPal 


BY  CAROLYN  DUFFY  MARSAN 

Spoofers,  spammers  and  phishers, 
beware. 

There’s  a  new  gun  in  town,  and  some  of 
the  Internet’s  most  powerful  companies  — 
including  Yahoo,  Google,  PayPal  and  AOL 
—  are  brandishing  it  in  the  ongoing  battle 
against  e-mail  fraud. 

The  new  weapon  is  called  DomainKeys 
Identified  Mail  (DKIM), an  emerging  email 
authentication  standard  developed  by  the 
IETF  DKIM  lets  an  organization  crypto¬ 
graphically  sign  outgoing  email  to  verify 
that  it  sent  the  message. 

DKIM  addresses  one  of  the  Internet’s 
biggest  threats:  email  fraud.  As  much  as 
80%  of  email  sent  as  if  it  is  from  leading 
brands,  banks  and  ISPs  is  spoofed,  accord¬ 


ing  to  a  report  released  in  late  January  by 
the  Authentication  and  Online  Trust 
Alliance  (AOTA).  AOTA  analyzed  more 
than  100  million  emails  from  Fortune  500 
brands  sent  over  a  fivemonth  period. 

“It’s  critical  that  IT  professionals  look  at  e 
mail  authentication  as  a  competitive 
advantage  to  protect  their  brands  and  their 
customers  from  these  exploits  as  well  as  to 
protect  their  employees  from  spoofed  or 
forged  email,”  says  Craig  Spiezle, chairman 
of  AOTA. 

DKIM  proponents  say  the  standard  is  an 
important  step  in  rebuilding  consumer 
confidence  in  email. 

“DKIM  increases  the  trust  with  which 
people  can  regard  their  email,”  says  Jim 
See  Antiphishing,  page  24 
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In  our  latest  test  of  virtual  machine 
management  tools,  we  find 
that  point  products  from 
Onaro,  n  Works,  PlateSpin 
and  Virtugo  tackle 
different  pieces  of 
the  VM  manage¬ 
ment  puzzle. 

PAGE  39 
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The  HP  ProLiant  DL380  G5  server  comes  with  Systems  Insight 
Manager  (SIM)  software.  HP  SIM  has  shown  an  average 
reduction  in  server  downtime1  of  77%,  by  monitoring  your  system 


mif 


and  alerting  you  of  potential  server  problems  before  they  occur. 
Technology  for  better  business  outcomes. 


>  1  r 


mm 


HP  ProLiant  DL380  G5 

$2249  (Save  $958) 


lease  for  as  low  as  $56/mo3  (or  48  months 
Check  hp.com  for  the  .most  up-to-date  pricing 

Smart  (PN:  470064-511) 

•  Quad-Core  Intel®  Xeon®  Processor 

•  2GB  PC2-5300  memory  '• 


HP  StorageWorks  Ultrium 
448  Tape  Drive  SAS  Bundle2 

$1649 


lease  (or  as  low  as  $41 /mo3  for  48  months 
Smart  (PN:  AG739A) 

•  400GB  compressed  capacity  in  half-height 
form  factor 


■  Supports  small  form  factor,  high-performance 
SAS  or  low-cost  SATA  hard  drives 


•  Smart  Array  P400  controller 

•  Integrated  Lights-Out  (il02).  Systems  Insight 
Manager,  SmartStart 

Get  More: 

Smart  24x7,  4  hour  response,  3  years 
(PN:  UE894E)  $689 

Smart  Add  2GB  additional  memory, 
(PN:  397411-S21)  $174 


1  Ships  with  Data  Protector  Express  Software, 
One  Button  Disaster  Recovery,  a  1 U 
Rackmount  Kit,  and  a  Host  Bus  Adapter 


Get  the  full  story  in  the  IDC  white  paper  at  hp.com/go/siml  0 
or  call  1-877-726-8115 


1 .  IOC  White  Paper  sponsored  by  HP,  Gaining  Business  Value  and  ROt  with  HP  Systems  Insight  Manager,  Doc  #206761 ,  May  2007.  2.  Prices  shown  are  HP  Oirect  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject 
to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient’s  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount  and  are  good  while  supplies  last.  All  featured  offers  available  in  U.S.  only. 
Savings  based  on  HP  published  list  price  of  configure-to-order  equivalent  ($3207  -  $958  instant  savings  =  SmartBuy  price  $2249).  3.  Financing  available  through  Hewlett-Packard  Financial  Services  Company  (HPFS)  to  qualified 
commercial  customers  in  the  U.S.  and  subject  to  credit  approval  and  execution  of  standard  HPFS  documentation.  Prices  shown  are  based  on  a  lease  48  months  in  term  with  a  (air  market  value  purchase  option  at  the  end  ot  the  term. 
Rates  based  on  an  original  transaction  size  between  $3,000  and  $25,000.  Other  rates  apply  for  other  terms  and  transaction  sizes.  Financing  available  on  transactions  greater  than  $349  through  April  30,  2008.  HPFS  reseives  the 
right  to  change  or  cancel  these  programs  at  any  time  without  notice.  Intel,  the  Intel  logo.  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  ot  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries. 
©  2008  Hewlett-Packard  Development  Company,  L.P.  The  Information  contained  herein  Is  subject  to  change  without  notice. 
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■  Blist’s  online  database-building  tool 
features  visual  and  intuitive  user 
interfaces.  See  Cool  Tools,  page  38. 


38  Mark  Gibbs:  Wrangling  XML  data  to 
CSV. 

38  Keith  Shaw:  Sprout  and  blist 
impress  with  betas. 

NETW0RKW0RLD.COM 

6  Catch  up  on  the  latest  online  stories, 
blogs,  newsletters  and  video. 


■  CONTACT  Network  World,  118Turnpike  Road, 
Southborough,  MA  01772;  Phone:  (508)  460-3333;  E- 
mail:  nwnews@nww.com;  ■  REPRINTS:  (717)  399-1900; 

■  SUBSCRIPTIONS:  Phone  (508)  490-6444;  E-mail: 
nwcirc@nww.com;  URL:  www.subscribenw.com 


VIRTUAL  MACHINE  MANAGEMENT  TOOLS 


Taming  the  Virtual  Beast:  Part  III 


Tools  from  Onaro,  nworks 
PlateSpin,  Virtugo  tackle 
different  pieces  of  the  VM 
management  puzzle,  but 
there  s  no  silver  bullet 
PAGE  39 


Total  voters  for  this  poll:  878 

Vote  and  discuss:  www.nwdocfinder.com/384fi 


Good 


Happy  25th  birthday,  DNS 

You  have  Paul  Mockapetris  and  his 
invention  of  the  Domain  Name  System 
25  years  ago  to  thank  for  the  fact  that 
you  don't  have  to  type  a  string  of  num¬ 
bers  when  you’re  surfing  the  Web  look¬ 
ing  for  your  favorite  sites. 


Slacking  off  on  security 

A  new  survey  of  2,000  remote  workers 
and  IT  pros  found  that  56%  of  remote 
workers  felt  that  the  Internet  is  safer 
than  it  was  last  year.  However,  55%  of 
IT  staff  said  they  thought  remote 
employees  are  becoming  less  aware 
and  less  disciplined  in  their  online 
behavior. 


Americans  giving  Nature  the 
boot  A  survey  sponsored  by  The 
Nature  Conservancy  finds 
that  since  the  late  1980s 
Americans  increasingly 
have  been  shunning 
national  parks,  camping 
and  other  outdoorsy 
attractions. 

Participation 
in  outdoor 
activities 
has  been 
dropping  about 
1%  a  year  since 
then  for  typical 
Americans.To 
blame?You  guessed  it: 
the  Web  and  other  electronic 
forms  of  entertainment. 


A  snapshot  of  how  networkworld.com 
visitors  voted  on  a  key  networking  issue 
last  week: 


How  do  you  rate  Juniper  Networks’ 
chances  of  giving  Cisco  a  fight  in 
enterprise  network  switching? 


Not  sure  3% 
Fair  7% - 


GOODBADUGLY 


PEERSAY 


ISPs  and  false  advertising 

Re:  Time  Warner  looks  at  traffic  capping 
(www.nwdocfinder.com/3834): 

Ever  run  across  a  buffet  that  advertises  “all 
you  can  eat”  but  runs  out  of  all  the  good  stuff 
early  in  the  evening? 

Or  do  you  remember  that  dial-up  ISP  years 
ago,  that  promised  unlimited  internet  access 
for  $19.99  a  month,  but  had  nothing  but  busy 
signals  when  you  tried  to  connect? 

What  this  country  needs  is  laws  against  mis¬ 
leading  advertising  with  teeth  in  them.  There 
seem  to  be  such  laws  in  Australia.  When  my 
brother,  who  lives 
there,  on  a  farm  thir¬ 
ty  miles  from  the 
nearest  town  and 
five  miles  from  the 
nearest  sealed  road, 
saw  on  television  an 
offer  from  Telstra  to 
deliver  a  new  mobile  phone  to  his  front  door 
free  of  charge,  he  took  them  up  on  it.They  ini¬ 
tially  refused,  explaining  that  the  offer  only 
applied  in  the  Sydney  metropolitan  area.  But 
when  he  pointed  out  that  the  ad  said  nothing 
of  the  kind,  and  reviewed  the  penalties  for 
false  advertising,  Telstra  hired  a  courier  to 
deliver  it.  He  did  compromise  a  little:  The 
courier  balked  at  the  condition  of  the  track  in 
(you  need  four  wheel  drive  and  high  ground 
clearance), so  my  brother  met  him  at  the  first 
gate. 

If  the  U.S.  had  laws  against  such  deceptive 
advertising  (with  suitable  jail  terms  for  execu¬ 
tives  involved)  Time  Warner  (and  others) 
would  behave  more  responsibly 

Les  Denham 

Discuss  at  www.nwdocfinder.com/3835 

The  cost  of  LANDesk:  2  views 


products  you  need  to  factor  in  the  setup,  initial 
cost,  price  per  seat,  and  annual  maintenance. 

1  know  that  a  Cadillac  is  better  than  my 
Chevy,  but  I  also  know  I  can’t  afford  it. 
LANDesk’s  higher-ed  pricing  is  ridiculous. 

While  having  to  write  some  of  our  own 
FixLets,  we  are  using  BigFix  with  a  great  deal 
of  success.  I  just  wish  BigFix  would  build  in 
Intel’s  AMT  3.0  technology  so  that  we  could  go 
from  bare  metal. 

Fred  Dunn 

Dartmouth  College  has  been  using  LANDesk 
for  several  years  now  and  we  absolutely  love 

the  product.  While  I 
agree  there  is  a  pre¬ 
mium  for  this  amaz¬ 
ing  product  it  is  a 
well-deserved  premi¬ 
um  and  is  not  exces¬ 
sive.  We  have  found 
the  product  and  sup¬ 
port  to  be  exemplary, and  the  savings  are  more 
than  any  price  we  have  paid.  Now  does  that 
mean  I  would  not  love  lower  prices?  No. There 
are  things  in  the  product  we  cannot  afford,  like 
the  virtual  application  technology  that  is,  well, 
in  just  one  word,  wow.  And  can  we  afford  it? 
No.  But  hey,  if  I  knock  loud  enough  on 
LANDesk’s  door  for  long  enough  you  never 
know  what  is  going  to  happen.  I  understand  in 
the  EDU  world  we  don’t  have  tons  of  money  so 
I  get  what  I  can,  but  what  I  do  want  is  some¬ 
thing  that  works  and  pays  for  itself  immediate¬ 
ly..  And  with  LANDesk  that  is  what  we  received. 
The  support  is  stellar;  if  you  give  them  change 
requests  for  the  product  they  get  implement¬ 
ed.  I  cannot  say  any  less  forcefully  that  I  would 
leave  my  job  if  we  could  not  have  LANDesk. 

Timothy  B.  Chiacchira 
Enterprise  Administrator 
Dartmouth  College 

Discuss  at  www.nwdocfinder.com/3837 


**What  this  country  needs  is 
laws  against  misleading  adver¬ 
tising  with  teeth  in  them.55 


Re:  LANDesk  wins  client  management 
shootout  (www.nwdocfinder.com/3836): 

Yes  it  does,  but  the  cost  for  LANDesk  is  pro¬ 
hibitive.  We  would  love  to  have  LANDesk  but 
we  are  a  university  so  LANDesk  is  out  of  our 
reach. 

When  you  compare  systems  management 

►  SPECIAL  NETWORK  WORLD  FEATURE 


SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
your  cellular 
device. 
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■  ■  ■  ■  ■ 
■  ■  ■ 

■■  ■■■  ■ 


■■■  ■  ■■■ 
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■■ 

ummm  ■ 

■■ 

To  get  the  client  "  "  ■  ■  ■ 

software,  use  your  phone  browser  to 
visit  wap.connexto.com 


For  more  information  on  code  scanning 
see  www.nww.com/codescan 


Keep  DNS  out  of  Layer  7 

Re:  Free  DNS:  Is  it  worth  the  cost? 
(www.nwdocfinder.com/3844) 

Redirecting  failed  DNS  queries  to  a  search 
page  is  fine  for  users  who  are  in  browsers,  but 
the  user’s  browser  can  do  that  already  If  the 
DNS  query  came  from  an  e-mail  server,  it’s 
almost  always  the  wrong  thing  and  requires 
extra  work  to  fail  gracefully  without  breaking 
spam  filters,  and  for  other  services  such  as 
VoIR  IPSec,  and  ssh,  it’s  never  the  right  thing 
and  there’s  usually  no  way  to  provide  correct 
feedback  to  the  user. 

DNS  is  the  wrong  place  in  the  protocol 
stacks  to  perform  this  browser-dependent 
function,  which  is  why  it  breaks  so  many  non¬ 
browser  applications. 

Bill  Stewart 

Discuss  at  www.nwdocfinder.com/3843 

E-mail  letters  to  jdix@nww.com  or  send  them  to 
John  Dix,  editor  in  chief,  Network  World,  118 
Turnpike  Road,  Southborough,  MA  01 772.  Please 
include  phone  number  and  address  for  verification 
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Actual  product 
not  shown 


IBM  System  Storage  DS3300  iSCSI 
Single  Controller  Express  Model 


IBM  146GB  Hot-Swap  3.5 
SAS  Hard  Drive 


External  storage  solution  for  System  x  servers 
Enables  shared  storage  to  improve  efficiencies 
2U,  19"  enclosure  with  3.5"  SAS  drives, 

14.4TB  max.  capacity 

Expandable  up  to  three  EXP3000s  for  a 

total  of  48  drives 


Captures  a  recovery  point  of  the  entire 
live  Windows®  system 
Restores  individual  Microsoft®  Exchange 
e-mails,  folders  and  mailboxes 


•  High  performance  and  reliability 

•  Hot-swappable 

•  15,000  rpm 


Full  version  with  1-year  Essential  Support1 
$1381.99  CDW 1209952 


Business 


Business 


Partner 


Partner 


CDW  1294843 


CDW  1007142 


We're  there  with  the  storage  solutions  you  need. 

We  don't  have  to  tell  you  that  your  data  needs  are  exploding.  At  CDW,  we  have  a  wide  range  of  top-name 
storage  hardware  and  software  to  help  solve  the  problem.  Our  highly  trained  technology  specialists  will 
work  with  you  on  a  solution  that  is  scalable  and  secure.  Then,  we'll  custom  configure  your  technology  to 
ensure  your  data  is  safe  and  accessible.  So  call  CDW  today.  We  can't  reduce  the  amount  of  data.  But  we 
can  make  it  less  of  a  problem. 

CDW.com  800.399.4CDW 


Essential  Support  includes  24x7  technical  phone  support  and  upgrade  insurance;  call  your  CDW  account  manager  for  details.  Download  free  Symantec  trialware 
at  cdw.com/backupexec.  Offer  subject  to  CDW's  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©2008  CDW  Corporation 
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BLOGOSPHERE 


INTERVIEWS,  THE  COOLEST  TOOLS  AND  MORE 


IDG  NEWSWIRE: 


New  SLR  cameras 
from  Sony 

A  preview  of  the  new 
Alpha  A300  and  A350 
digital  SLR  cameras, 
which  include  large  dis¬ 
plays  and  “live  view” 
features. 

www.nwdocfinder.com/3848 


IDG  NEWSWIRE: 


Mixing  technology 
and  fashion 

High  fashion  melds  with 
high-tech  at  the  Boston 
Museum  of  Science, 
where  models  and 
designers  showed  off 
clothing  that  incorpo¬ 
rated  technology. 

www.nwdocfinder.com/3849 
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The  looming  IP 
address  shortage 

John  Curran,  chairman 
of  the  American  Reg¬ 
istry  of  Internet  Num¬ 
bers,  updates  the  sta¬ 
tus  of  the  IPv4  address 
space,  and  discusses 
why  companies  need  to 
start  supporting  IPv6. 

www.nwdocfinder.com/3850 


BEST  OF  NW’S 

NEWSLETTERS 


What  will  open  access  mean? 


■  What  changed?  Blogger  Ronald  Bartels, 

a  self-described  “IT  firefighter"  writes,  “My 
wife  told  me  that  when  she  typed  something 
incorrectly  on  her  computer,  my  face  popped 
up  on  the  screen.  After  some  thought,  I  real¬ 
ized  she  was  referring  to  the  OpenDNS 
pages  I  had  configured.  I  think  that  OpenDNS 
is  great  and  I  started  using  it  after  discover¬ 
ing  a  reference  to  it  in  the  Tomato  firmware 
for  my  [Linksys]  WRT54GL.  OpenDNS  con¬ 
figured  on  the  WRT54GL  provides  great  pro¬ 
tection  for  my  home  network.  I  think  it  works 
better  and  is  more  secure  than  some  of  the 
web  filtering  software  installed  in  some 
enterprise  networks.  This  incident  reminded 
me  of  a  peculiar  DNS  problem  that  I  encoun¬ 
tered.  I  arrived  at  work  and  my  boss  directed 
me  to  the  dealing  desks.There  I  encountered 
chaos _ The  [database  administrator]  stat¬ 

ed  that  he  had  rebooted  every  server  in  site 
and  that  since  his  dealing  application  was 
still  not  working,  it  must  have  been  me  that 
had  made  a  change  on  the  network." 
www.nwdocfinder.com/3838 

■  Understanding  MPLS  VPNs,  Part  1.  IPv6 
guru  Jeff  Doyle  writes:  “One  of  the  most 
compelling  drivers  for  MPLS  in  service 
provider  networks  is  its  support  for  virtual 
private  networks  (VPN),  in  which  the 
provider's  customers  can  connect  geograph¬ 
ically  diverse  sites  across  the  provider's  net¬ 
work.  ...  it's  the  ‘private’  part  of  VPN  that  I 
want  to  discuss.  Not  only  must  services 
remain  distinct  even  though  they  are  sup¬ 
ported  over  a  single  MPLS  network,  but  indi¬ 
vidual  customer's  networks  must  remain 
securely  separated  from  each  other." 
www.nwdocfinder.com/3839 

■  Crossing  the  line  —  the  convergence 
of  social  and  professional  networking. 

Collaboration  expert  Sue  Hanley  writes, 
“The  Wall  Street  Journal  had  several  arti¬ 
cles  about  how  recruiters  are  using  the 
Internet  to  uncover  ‘digital  dirt’  about  appli¬ 
cants  by  looking  at  their  MySpace  pages  and 
about  the  issues  associated  with  accepting  a 

Facebook  ‘friend’  request  from  your  boss _ 

Over  Winter  break,  all  three  of  my  children 
were  home  —  a  high  school  sophomore,  a 
college  junior,  and  a  first  year  graduate  stu¬ 
dent  —  and  I  brought  up  these  articles  one 
night.  Neither  of  my  two  older  children  said 
that  they  would  accept  a  'friend  request'  from 
their  boss  —  they  both  thought  it  would  be 
inappropriate  but  they  couldn't  quite  explain 
to  me  how  they  would  explain  to  their  boss 
why  they  would  say  no  to  the  request.  I  men¬ 
tioned  that  I  thought  you  could  segregate 
which  information  you  shared.” 
www.nwdocfinder.com/3841 


Wireless:  Jan.  31, 2008  may  well  be  a  day 
that  lives  in  infamy  for  changing  the  mobile 
WAN  forever. That’s  the  day  that  a  700MHz 
spectrum  auction  bidder  metaphorically 
scratched  his  head  or  tugged  his  ear  upon 
hearing  the  virtual  request:“Do  I  hear  $4.71 
billion?” With  a  nod,  the  anonymous  bidder 
surpassed  the  FCC’s  minimum  price  of  $4.64 
billion  required  to  ensure  that  open  access 
services  will  come  to  fruition  in  part  of  the 
nationwide  commercial  “C-Block”  spectrum 
that  the  U.S.  government  is  currently  auction¬ 
ing  off. The  bid  assured  that  businesses  and 
consumers  alike  will  eventually  gain  network 
service  options  that  support  any  competitor’s 
device  or  application.  What  do  these  open 
access  rules,  now  assured  of  materializing, 
actually  specify?  Attorney  Kevin  DiLallo 
spelled  them  out  during  the  Mobile  Explosion 
conference  in  Las  Vegas  late  last  month. 
DiLallo,  who  described  today’s  carrier 
approach  of  restricting  network  access  for 
protecting  network  integrity  as  “hooe/  is  a 
partner  at  Levine,  Blaszak,  Block  &  Boothby,  a 
Washington,  D.C.,  law  firm. 
www.nwdocfinder.com/3845 

Network/Systems  management:  Open 
source  management  applications  disrupted 
the  market  a  few  years  back  and  some  of  the 
pioneers  in  the  technology  area  continue  to 


progress  and  grow  their  business.  When  com¬ 
panies  such  as  Groundwork  Open  Source, 
Hyperic,  Zenoss  and  others  announced  they 
would  be  providing  open  source  applications 
for  network  management,  many  industry 
watchers  questioned  how  well  such  tools 
could  manage  today’s  high-end  networks.  But 
the  companies  continue  to  build  on  their 
products  to  get  open  source  in  the  door  at 
larger  companies.  For  instance,  Hyperic 
recently  updated  its  HQ  software  to  Version 
3.2,  adding  features  that  enable  the  software 
to  monitor  1.5  million  metrics  per  minute 
using  MySQL  as  a  back-end  database.The 
updated  release  also  includes  views  that 
enable  IT  managers  to  monitor  all  downed 
resources  and  length  of  downtime  in  one 
page.  Hyperic  says  that  feature  will  help  speed 
problem  resolution  in  large  environments. 
This  version  also  includes  capabilities  to  col¬ 
lect  more  log  data,  which  the  company  says 
increases  performance. 
www.nwdocfinder.com/3846 

Storage:  A  new  player  in  iSCSI  is  making 
noise  about  its  products.  Open-E,  a  company 
based  in  Germany  has  just  opened  offices  in 
the  United  States  and  makes  iSCSI  initiators 
and  targets  that  can  be  used  by  OEMs  or  inte¬ 
grators  in  their  products. 
www.nwdocfinder.com/3847 
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how  solid  is 
your  drive? 


Samsung  Solid  State  Drive 

all-Flash  drives  available 
in  notebooks  and  consumer  electronics 


weight  (2.5”  SATA-II  SSD)  73g 

endurance  (MTBF-)  >  2  million  hours 
shock  resistance  1 500G  /  0.5ms 

read  speed  1 00MB  /  s 

write  speed  80MB  /  s 

active  power  consumption  1 W 

operating  temperature  -25C  -  85C 


Introducing  the  new  Samsung  Flash  Solid  State  Drive  (SSD). 

No  moving  parts,  except  some  hardworking  electrons.  A  Mean  Time 
Between  Failures  (MTBF)  almost  three  times  longer  than  a  hard  drive. 
Exceptional  shock  resistance.  And  power  use  that  extends  battery 
life  up  to  20%.  With  a  Samsung  SSD  inside  your  notebook,  your 
data  is  always  there  when  you  need  it. 

www.samsungssd.com 


solid  state  reliability 


"Mean  Time  Between  Failures 
©  2008  Samsung.  All  rights  reserved. 
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Microsoft  preps 
slew  of  patches 

Microsoft  plans  to  release  one  of  its  largest 
bundles  of  patches  ever  on  Tuesday. 
Scheduled  for  release  are  12  security 
updates,  seven  of  which  have  been  given 
Microsoft’s  most  serious  “critical”  rating. The 
remaining  five  are  rated  “important.”The  criti¬ 
cal  updates  are  for  Microsoft’s  Windows  oper¬ 
ating  system,  Internet  Explorer  and  the  com¬ 
pany’s  Office  software,  all  of  which  are  fre¬ 
quent  targets  of  hackers.The  less-severe 
updates  will  be  for  Windows  Vista,  Active 
Directory  and  Microsoft  Works. Two  impor¬ 
tant  updates  also  are  planned  for  the  Internet 
Information  Services  Web  server  software. 
www.nwdocfinder.com/3851 


ITIL  certifications  and  more 


NetworklWorld 


ITIL  expert  Lou  Hunnebeck,  vice  president  of  Third 
Sky,  an  ITIL  training  and  consulting  firm,  recently 
joined  Network  World  readers  for  a  live  text  chat. 

For  a  copy  of  the  full  transcript,  visit  ww.nwdocfinder.com/ 3858. 


Fog:  What  are  the  mqjor  differences  between  ITIL  foundations  and 
ITIL  foundations  v3? 

This  is  a  big  question. The  underlying  principles  and  most  of  the  core 
concepts  are  exactly  the  same.The  key  differences  are  in  how  the  guid¬ 
ance  is  organized  and  enhanced,  and  how  the  new  presentation  sup¬ 
ports  more  comprehensive  understanding  and  adoption  of  the  ideas.  In 
v2,  people  didn’t  even  read  most  of  the  seven  books.  In  v3,you  need  to 
look  at  all  the  guidance  in  context.The  Lifecycle  approach  is  more 
obviously  strategic  and  business-oriented. 


Who’s  afraid  of  IPv4  address  deple¬ 
tion?  Not  many.  Only  16%  of  IT  profession¬ 
als  consider  IPv4  address  depletion  “a  huge 
concern  that  has  or  will  soon  force  us  to 
migrate  to  IPv6,”  according  to  a  new  BT  INS 
survey  of  310  IT  professionals.  Meanwhile, 
26%  of  IT  professionals  felt  IPv4  address 
depletion  was  “no  concern.”These  survey 
respondents  said  they  can  use  network 
address  translation  combined  with  VPNs  to 
alleviate  the  problem. The  majority  of  respon¬ 
dents  —  58%  —  said  they  had  some  concern 
about  IPv4  address  depletion  but  “not 
enough  by  itself  to  cause  us  to  migrate  to 
IPv6  in  the  near  term.” 
www.nwdocfinder.com/3852 

Google  touts  Apps  without  IT.  Google  is 
releasing  a  new  edition  of  its  hosted  applica¬ 
tions  suite  that  users  can  bring  into  the  work¬ 
place  without  the  involvement  of  their  IT 
department. The  new  release,  called  Google 
Apps  Team  Edition,  became  available  last 
week  for  free. Team  Edition  contains  the  core 
communication  and  collaboration  services 
and  applications  of  other  editions,  such  as 
the  word  processor,  spreadsheet, Talk  instant 
messaging  and  calendar.  It  does  not  contain 
Gmail,  which  requires  IT  participation  to  re¬ 
route  the  company’s  e-mail  flow. 
www.nwdocfinder.com/3853 

Mozilla  patches  three  critical  Firefox 
flaws.  Mozilla  issued  10  patches  last  week 
for  its  Firefox  browser,  including  three  for  crit¬ 
ical  vulnerabilities.  One  of  the  critical  vulner¬ 
abilities,  MFSA  2008-06,  is  a  problem  in  the 
way  the  browser  handles  images  on  certain 
Web  pages.  It’s  possible  to  exploit  the  flaw  to 
steal  a  person’s  Web  browsing  history  forward 
that  information,  then  crash  the  browser.lt 
may  also  be  possible  to  run  arbitrary  code 
on  a  machine,  Mozilla  said. 
www.nwdocfinder.com/3854 


TechieGirl:  What  is  the  “Lifecycle"  approach?  If  people  didn’t  read  the  material 
for  v2,  why  will  they  read  it  for  v3? 

The  Lifecycle  approach  refers  to  the  reorganization  of  the  guidance  into  the  five  phases 
of  the  Service  lifecycle:  Service  Strategy  Service  Design,  Service  Transition,  Service 
Operation  and  Continual  Service  Improvement.  As  to  why  they’ll  read  it  now,  we’ve 
revamped  the  qualification  program  to  reflect  the  whole  library  In  the  v2  qualification 
scheme,  almost  no  attention  was  paid  to  the  other  five  books,  so  people  focused  on  the 
ones  in  the  exams.  When  the  qualification  scheme  essentially  ignored  half  of  the  guid¬ 
ance,  it  implied  that  it  wasn’t  important.  We’ve  corrected  that  misimpression  now. 

Default_User:  Are  there  any  experience  requirements  for  the  ITIL  certification  as 
required  in  CISSP? 

For  the  basic  Foundation  level,  the  answer  is  no.  For  the  Intermediate  levels,  a  candidate 
must  hold  the  Foundation  certificate  and  there  is  advice  regarding  the  level  of  practical 
experience  recommended,  but  no  rigid  requirement. 

Gan  companies  be  certified  on  ITIL,  or  only  professionals? 

Only  persons  can  be  certified  in  ITIL,  because  it  is  not  a  standard,  but  a  framework  of 
recommendations.  Organizations  can,  however  seek  ISO/IEC  20000  certification.This  is 
an  international  standard  for  IT  Service  management,  based  on  ITIL 

Gusti:  When  talking  about  tools,  (not  tools  to  do/implement  the  processes),  is 
there  one  out  there  [to]  assess  how  well/bad  an  organization  was  doing  in  com¬ 
parison  with  the  ITL  best  practices?  Sort  of  like  a  checklist  tool.  I  am  ignorant 
about  ITIL,  so  maybe  I  am  asking  a  silly  question. 

In  terms  of  establishing  a  baseline  assessment  of  your  current  state,  there  are  some  items 
that  can  help.  Start,  of  course,  with  the  measurement  tools  you  already  have  in  place,  to 
establish  base  levels  of  performance  on  your  services.  Ther@ftre  some  questionnaire-type 
tools  to  help  do  a  self-assessment  on  the  process  side,  including  one  available  from  the 
IT  Service  Management  Forum, itSMF  [the  global  practitioner  association  for  ITSM],but  it 
is  currently  being  updated  for  v3.  Organizations  such  as  my  own  (Third  Sky)  also  have 
our  own  standardized  approaches  to  perform  an  assessment  of  current  state.  ■ 


ONLINE:  Join  our  next  Ghats 

Monday,  Feb.  25  at  2  p.m.  EST:  Locking  down  wireless  networks  with  “Will  Hack 
for  Sushi”  blogger  and  SANS  instructor  Joshua  Wright.  Friday,  March  7  at  2  p.m. 
EST:  Busting  enterprise  security  myths  with  451  Group’s  outspoken  Nick  Selby. 

www.networkworld.com/chat 
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“one  of  the  best  help-desk  support  solutions 
examined  by  the  CRN  Test  Center” 
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CRN 
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Bomgar  B300™ 
Version  9.3 


“a  direct  link  into  problem  Windows 
and  Mac  machines” 
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January  8,  2007 
Bomgar  B200™ 
Version  9.1 


“a  cost  effective,  secure,  elegant  hardware 
solution  for  remote  customer  support” 
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Bomgar  B100™ 
Version  9.2 
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NEWS  ANALYSIS 


New  Red  Hat  boss  plots  $1 B  plan 


BY  JOHN  FONTANA 

Competitors  should  keep  a  wary  eye  on 
newly  minted  Red  Hat  CEO  Jim  Whitehurst, 
whose  fresh  face  masks  a  certified  executioner 
who  has  a  plan  to  grow  the  open  source  leader 
into  a  billion-dollar  juggernaut  supplying  data 
center  infrastructure  software. 

The  40-year-old  Whitehurst  left  his  position  as 
COO  of  Delta  Airlines  to  replace  Matt  Szulik  on 
Jan.  1 ,  and  brings  with  him  a  business  savvy  he 
intends  to  soak  into  the  corporate  culture  of 
Red  Hat. 

He’s  already  tagged  Microsoft  as  bloated  soft¬ 
ware  that  locks  in  CIOs,  and  he  is  actively  talk¬ 
ing  up  Red  Hat’s  story  around  middleware,  vir¬ 
tualization  and  software-as-a-service. 

Next  week,  he  will  take  the  stage  at  Red  Hat’s 
JBoss  World  for  his  first  conference  keynote 
address  as  CEO  and  first  appearance  in  front  of 
a  large  audience  of  customers  and  partners 
eager  to  hear  where  the  company  and  its  soft¬ 
ware  are  headed. 

He  doesn’t  plan  to  disappoint  and  the 
Harvard  MBAs  goals  are  lofty  He  expects  the 
open  source  vendor  that  had  just  less  than 
$500  million  in  revenue  last  year  to  eventually 
strut  into  the  billion-dollar  range  in  the  next 
three  years. 

Other  goals  that  he  thinks  are  achievable  in¬ 
clude  continued  increases  in  server  market 
share,  establishing  the  company  as  the  leader 
in  supplying  service-oriented  architecture 
(SOA)  and  the  clear  application  server  front¬ 
runner  and  re-accelerating  the  company’s 
growth  rate. 

“He’s  an  operator”  says  Raven  Zachary  an 
analyst  with  the  451  Group.“It’s  tough  to  run  an 
airline.  The  reality  is  that  he  understands  com¬ 
plex  issues  related  to  operations." 

That  knowledge  is  what  Red  Hat  appears  to 
need  as  it  looks  to  evolve  past  its  Linux  operat¬ 
ing  system  roots.The  company  is  attempting  to 
mix  the  Linux  operating  system,  virtualization, 
middleware,  independent 


software  vendor  (ISV)  applications  and  soft¬ 
ware  delivered  as  services  into  an  enterprise 
data  center  platform. 

“I  bring  a  whole  series  of  skills  around  exe¬ 
cution  to  ensure  that  we  really  take  Red  Hat  to 
the  next  level,”  Whitehurst  says.  “And  that  is 
something  that  the  board  was  looking  for’’ 

Zachary  says  it  is  wait-and-see  time,  but  that 
Whitehurst  certainly  “has  the  background  to 
take  Red  Hat  to  the  next  level.” 

Nearly  a  year  ago,  the  company  released 
Version  5  of  Red  Hat  Enterprise  Linux  (RHEL), 
but  it  was  efforts  to  rationalize  its  2006  acquisi¬ 
tion  of  JBoss,  join  the  virtualization  craze,  stave 
off  attacks  on  its  services  and  support  crown 
jewel,  and  court  Java  developers  where  the 
company  faced  down  new  competitors  such 
as  IBM,Oracle/BEA  and  Sun.  All  of  which  lined 
up  to  take  shots  at  the  upstart. 

Red  Hat’s  revenge 

But  Whitehurst  is  readying  Red  Hat’s  revenge. 

“Certainly  we  will  move  beyond  just  the 
[operating  system] ,  and  we  are  already  doing 
that  to  some  extent,”  he  says.“If  you  look  at  our 
Linux  automation  kind  of  broader  technology 
vision  and  what  we  are  looking  at  in  delivering 
around  SOA  and  middleware,  we  have  a  pretty 
compelling  value  proposition  that  we  think 
works  quite  nicely  together.  We  need  to  do  a 
better  job  of  articulating  that  in  the  market¬ 
place.  I  think  that  is  an  area  where  our  execu¬ 
tion  can  improve." 

The  goal  is  to  get  JBoss  to  grow  at  twice  the 
rate  of  RHEL. 

The  message  is  that  Red  Hat  middleware 
will  support  intranets,  SOAs  and  online  ser¬ 
vices.  Virtualization  will  fuel  application 
portability  allowing  ISVs  to  tie  together  oper¬ 
ating  system  and  application  into  one  certi- 
fied-to-run  package  that  can  be  installed  on 
servers  or  in  the  cloud. 

Telling  the  virtualization  story,  Whitehurst 
says,  is  another  area  where  Red  Hat  needs  bet¬ 
ter  execution. 

Whitehurst  also  has  sized  up  the  competi¬ 
tion.  He  respects  Microsoft’s  success  but  isn’t 
intimidated.  He  says  he’s  not  a  religious  zealot 
who  won’t  develop  relationships  with  propri¬ 
etary  software  vendors,  but  the  issue  with 
Microsoft  is  lock-in  and  software  bloat.  “We 
think  our  much  more  nimble,  open  source, 
higher-value  offerings  are  very  competitive 
with  them,”  he  says. 

As  far  as  Novell, he  says  Red  Hat  does  not  see 
the  company  very  often  in  competitive  deals. 

“In  terms  of  being  a  competitor,  it  is  not  a 
bad  competitor  to  have  if  you  are  not  running 
into  them  a  lot,”  he  says.  On  Oracle, Whitehurst 
doesn’t  slow  down. “They  create  a  lot  of  noise 
but  not  a  lot  of  progress,”  he  says.  “It  always 
pays  to  be  paranoid,  so  we  do  follow  their 
activities  closely.  But  our  model  is  quite 


durable  so  we  feel  very,  very  good  about  that.” 

The  Red  Hat  model  is  open  source  projects 
such  as  Fedora  and  JBoss  complemented  by 
enterprise  versions  of  the  same  software  tied 
into  a  service  package. 

Whitehurst  says  he’s  not  about  to  abandon 
the  desktop  but  is  pragmatic  about  the  evolu¬ 
tion  of  desktop  Linux,  a  business  he  says  does 
not  appear  to  have  potential  to  generate  a  lot 
of  “big  dollars.” 

“Desktop  is  a  place  that  is  important  to  sup¬ 
port  certain  areas  of  the  world  or  certain  cus¬ 
tomers  in  certain  circumstances,”  he  says. 

Overall, Whitehurst  sees  his  role  as  executing 
on  progress. 

“This  is  a  company  that  still  has  a  lot  to  do  in 
developing  the  processes  and  the  systems  and 
the  governance  structures  to  continue  to  scale 
and  be  effective,”  he  says.“So  I  will  be  spending 
a  fair  amount  of  time  making  sure  that  we  are 
developing  the  models  of  decision  making 
and  alj  of  this  basic  infrastructure  kind  of  stuff 
to  ensure  we  are  enabling  the  business  and  not 
hindering  it.”  ■ 


InBrief 

Microsoft  delays  Vista  SP1 
availability 

Vista  SP1  will  not  be  available  until  mid- 
March  because  Microsoft  is  working  out 
issues  with  some  device  drivers  that  lose 
functionality  when  the  service  pack  is 
installed.  The  company  said  last  week  that 
Vista  SP1  had  hit  its  release-to-manufac- 
turing  milestone,  meaning  the  software  is 
ready  to  be  packaged  for  distribution. 

AT&T:  3G  expansion  on  tap 

AT&T  plans  to  expand  its  3G  wireless 
broadband  network  to  80  additional  cities 
in  2008,  thus  bringing  its  3G  services  to 
almost  350  major  U.S.  markets  by  year- 
end. The  company  says  its  expansion 
plans  are  meant  to  connect  more  cus¬ 
tomers  to  high-speed  mobile  broadband, 
as  well  as  pave  the  way  for  the  eventual 
deployment  of  4G  networks.  In  addition  to 
expanding  its  network,  the  company  plans 
on  completing  its  High  Speed  Uplink 
Packet  Access  network  by  mid-year, 
which  AT&T  says  will  let  customers  with 
HSUPA-enabled  laptops  send  files  more 
quickly  than  on  AT&T's  standard  3G  net¬ 
work.  Currently,  AT&T's  3G  network  can 
reach  downlink  speeds  of  up  to  1,400Kbps 
and  uplink  speeds  of  up  to  800Kbps. 


Go  online  to  read 
our  Q&A  with  Red 
Hat  GEO  Jim 
Whitehurst 

Whitehurst  talks 
about  his  background  and  his  plans  to 
conquer  the  enterprise  infrastructure 
market.  He  also  weighs  in  on  Linux 
desktops,  virtualization,  Red  Hat's  role 
in  the  future  of  open  source,  and  of 
course,  Microsoft. 

www.nwdocfinder.com/3856 
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Deploy 
in  days, 
not  months. 


No  kidding  around.  Installing  a  KACE  KBOX  gives  you  complete  systems  management  in  days, 
not  months.  We’ll  also  do  it  for  one-third  the  cost  of  the  big  three.  Give  us  a  call,  let  us  prove  it. 

Welcome  to  KACE  Time. 


Enterprise  Management  Associates 

2008  Rising  Star 
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Systems  Management.  Done. 


www.kace.com/showme  877.MGMT.D0NE 


KACE  and  KBOX  are  trademarks  of  Kace  Networks  Inc.  All  other  registered  trademarks  are  owned  by  their  respective  companies. 


hile  every  organization  faces  unique  IT  challenges, 
a  core  set  of  technology  issues  affect  companies 
of  all  shapes  and  sizes.  To  help  you  deal  effectively 
with  these  top  concerns,  Network  World  offers  this  collection 
of  Executive  Guides  based  on  original  Network  World  reporting, 
research  and  analysis: 

•  Leveraging  information:  IT  for  IT,  the  promise  of  automation 

•  Optimizing  IT:  Bigger  bang  for  the  buck 

•  Governance  and  risk  management:  The  new  security  reality 

•  Empowering  people:  The  electronic  team 

•  Enabling  business  flexibility:  Agility  breeds  success 
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.INFRASTRUCTURE  LOG 


_DAY  89:  Our  power  and  cooling  costs  are  out  of  control. 
We  spend  the  bulk  of  our  IT  budget  just  keeping  the  data 
center  cool.  I  told  Gil  we  need  to  go  green  in  a  big  way. 


_DAY  91:  Gil  took  us  green... kelly  green,  to  be  exact. 

_DAY  93:  You  don’t  go  green  with  paint.  You  go  green  with 
IBM  Cool  Blue™  technology  and  energy  management  services. 
Advanced  server  and  storage  virtualization  can  help 
consolidate  our  boxes  to  lower  energy  usage.  And  the 
new  IBM  P0WER6™  systems  help  us  use  less  energy  doing 
the  same  amount  of  work.1 


_0ur  data  center  will  be  green  now.  And  painted  white. 


Learn  how  to  make  your  data  center  more  efficient: 

IBM.COM/TAKEBACKCONTROL/GREEN 
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1.  Requires  Advanced  Power  Virtualization,  which  is  optional  and  available  at  an  additional  charge.  IBM,  the  IBM  logo.  Cool  Blue,  POWER6  and  Take  Back  Control  are  trademarks  or  registered 
trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  ©2007  IBM  Corporation.  All  rights  reserved. 


EXECUTIVE  GUIDE 


Importance  of  self-healing/ 
self  management 

Given  the  growing  complexity  of  IT  environ¬ 
ments,  how  important  is  the  concept  of  self 


your  company's  IT  environment? 
I  Important 
H  Somewhat  important 
M  Not  very  important 
H  Not  at  all  important 


Tools,  management  software  save  money,  increase  efficiency 


Sponsored  by  IBM 


The  promise  of  IT  automation  has  dangled  in 
front  of  the  industry  for  years,  as  compelling 
and  elusive  as  the  promise  of  the  paperless 
office.  While  there  have  been  some  gains,  the 
technology  has  delivered  only  basic,  task- 
oriented  functions,  says  David  Williams,  a 
research  vice  president  at  Gartner.  Now  the 
focus  is  on  automating  more  complex,  cross¬ 
domain  IT  processes,  he  says,  and  new  tools 
are  emerging  to  aid  in  that  effort.The  result: 
increased  efficiency,  faster  recovery  rates, 
fewer  human-induced  errors  and  lowered 
costs.  An  inside  look  at  critical  developments 
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INFRASTRUCTURE  LOG 


.DAY  79:  Our  IT  environment  is  rigid  and  inflexible. 

We  can’t  adapt  to  our  changing  business  needs.  Oh  no.. 
I  was  afraid  of  this.  We’re  so  rigid,  we’re  stuck  in  time. 

. Infrastructurus  prehistoricus.  I’ve  read  about  this. 

.DAY  80:  I’m  taking  back  control  with  IBM  SOA  solutions 
Now  we  have  the  hardware,  software  and  services 
we  need  to  respond  to  change.  IT  strategy,  planning  and 
implementation  are  in  tune  with  our  specific  business 
needs.  We’re  deploying  and  updating  business  processes 
faster  and  more  efficiently.  We’re  evolving! 

.Good-bye,  rigid  past.  Hello,  flexible  future. 
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IT  consolidation  efforts,  coupled  with  tech¬ 
nologies  such  as  virtualization,  storage-area 
networks,  blade  servers,  grid  computing  and 
Linux,  are  coalescing  into  a  potent  mix  that  can 
help  companies  begin  to  restore  the  balance  of 
capital  expenditures  to  operating  expenditures. 
Today,  after  all,  it  isn’t  uncommon  for  compa¬ 
nies  to  be  spending  80%  of  their  IT  budgets 
on  the  latter,  leaving  precious  little  to  invest 
in  new  technology  that  will  move  the  cause 
forward.  A  look  at  the  core  technologies 
making  it  possible. 


P  ILL 


Planned  Data  Center  Investments 

Which  of  the  following  areas  does  your  organi¬ 
zation  plan  to  make  substantial  data  center 
investments  within  the  next  three  years? 


i  Responding 


Server  virtualization 
(VMware,  Xen.etc.) 


Storage  virtualization  42% 

Blade  servers  37% 

Open  source  tools  29% 

Grid  computing  11% 

1K04 

None  of  the  above  |U  /U 

Base=245  Multiple  responses  allowed 

Source:  NetworkWorld 
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GUIDE  TO  GOVERNANCE 
AND  RISK  MANAGEMENT: 

The  new  security  reality 


Governance  and  risk 

management:  The 

1  . 


While  the  government  now  mandates  compli¬ 
ance  with  a  range  of  security  practices,  big 
business  doesn’t  need  the  reminder.  Breaches 
cost  millions  of  dollars,  jeopardize  the  brand 
and  have  even  put  some  companies  out  of 
business.  Compliance  is  the  law,  but  sound 
security  is  now  a  corporate  requirement.  An 
examination  of  the  tools  companies  are  bringing 
to  bear  to  mitigate  risk,  comply  with  government 
regulations  and  keep  the  bad  guys  at  bay. 


Influence  of  Compliance  on 
Security  Issues 

Compliance  is  driving  security  issues  that: 


We  were  going  to  do  anyway 
We  might  have  undertaken  anyway 
We  probably  wouldn't  have  gotten 
around  to 

We  don’t  really  need 
Other 


INFRASTRUCTURE  LOG 


_DAY  62:  Everyone  s  completely  overwhelmed  by  their 
desktops.  People  keep  flipping  between  browser  windows 
The  in-boxes  are  overflowing.  So  many  applications. 

All  the  user  interfaces  are  different.  How  is  anyone 
supposed  to  collaborate  when  they’re  flooded  with 
all  this  stuff?  This  is  so  frustrating.  We  need  to  get 
our  heads  above  water. 

_Gil  has  grown  gills  just  so  he  can  stay  on  e-mail 
longer.  Help. 
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EMPOWERING 
PEOPLE: 


electronic  team 


P  ILL 

Importance  of  Collaborative 
Technologies 

How  important  are  new  collaborative 
technologies  to  your  company's  future 
productivity  goals? 


Important 

Somewhat  important 
Not  very  important 
Not  at  all  important 


i 

47% 

M% 

A  host  of  Web  2.0  and  other  collaboration  tools 
is  making  it  possible  for  workers  stationed  at 
remote  company  sites  and  within  partner  and 
customer  organizations  to  work  to  a  single  end. 
Tasks  are  no  longer  bounded  by  who  can  be 
ushered  into  what  conference  rooms  at  an 
appointed  hour.  Now  it  is  possible  to  stitch 
together  teams  on  the  fly  by  quickly  ascertaining 
who  is  available,  who  has  what  knowledge 
of  an  issue  and  who  can  access  what  communi¬ 
cations  capabilities.  A  look  at  how  companies 
are  empowering  their  front-line  teams. 


Source:  NetworkWorld 


Business  is  becoming  less  predictable,  cycles  are  getting 
shorter,  margins  are  getting  squeezed  and  globalization 
is  changing  the  playing  field.  Many  companies  will  survive 
this  perfect  storm,  but  only  the  agile  will  thrive,  and  IT  is 
the  key  enabler.  An  inside  look  at  the  technologies  that 
companies  are  pursuing  to  ensure  they  stay  fleet  of  foot. 


Consideration  of  agility  in 
IT  planning 

In  terms  of  IT  planning,  agility: 


Is  core  to  everything  we  do 

Is  a  key  consideration 

Is  rarely  considered 

Has  nothing  to  do  with  IT  planning 


1 

54% 

18% 

17% 
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Take  back  control  of  the  desktops  with 
IBM  Lotus'  Notes'  and  Lotus'  Domino *  8. 

Control  end-user  productivity  by  putting  the  applications 
and  tools  everyone  uses  all  in  one  place.  An  intuitive,  Web-like 
interface  means  users  can  work  more  efficiently  and  with 
minimal  IT  support. 

Control  your  environment  by  easily  creating  Web  2. 0-based 
composite  applications.  Your  co-workers  now  have  a  role- 
based  work  space  so  they  can  quickly  adapt  to  their  changing 
business  needs. 

Control  and  enhance  communications  with  integrated  e-mail, 
instant  messaging,  calendanng,  and  contact  management  tools 
that  make  collaboration  faster  and  more  effective. 

Control  your  time  with  powerful  desktop  management  tools. 
Now  you  can  centrally  manage  deployment  and  upgrades. 
Open  standards  give  you  a  flexible  platform  to  easily  develop 
new  plug-ins. 

Control  your  investments  by  working  with  your  existing 
assets  and  platforms.  Backward  and  forward  compatibility 
means  less  time  and  money  spent  on  new  apps  and  on 
training  co-workers  to  use  them. 


* 


Control  your  overflowing  desktops  with  IBM  Lotus  Notes 
and  Domino  8  software,  the  new  standard  in  desktop  and 
collaboration  environments. 


NEWS  ANALYSIS 


Free  DNS:  Is  it  worth  the  cost? 

OpenDNS,  NeuStar  give  away  services,  but  buyers  worry  there’s  a  catch 


BY  CAROLYN  DUFFY  MARSAN 

If  there’s  no  such  thing  as  a  free  lunch,  how 
can  there  be  a  free  service  that  handles  a  net¬ 
work  management  function  as  critical  as 
DNS?  That’s  what  corporate  IT  executives  are 
wondering  as  they  consider  two  vendors  tout¬ 
ing  free  DNS  services  that  supposedly  are 
ready  for  the  enterprise. 

Both  vendors  —  OpenDNS  and  NeuStar  — 
are  offering  a  free  recursive-DNS  service, 
which  is  the  type  of  DNS  service  that  allows 
employees  to  surf  the  Web  by  typing  domain 
names  into  their  browsers  and  translating 
them  into  the  corresponding  IP  addresses. 

The  free  services  don’t  include  external 
DNS,  which  is  how  such  Web  sites  as 
Amazon.com  publish  the  latest  information 
about  their  DNS  and  IP  address  changes  to  its 
customers  over  the  Internet. 

The  question  for  corporate  IT  executives  is 
whether  the  free  recursive-DNS  services  are 
too  good  to  be  true. 

“There  really  is  no  reason  why  you  wouldn’t 
go  down  this  road  unless  you’ve  already 
invested  heavily  in  an  external  DNS  infrastruc¬ 
ture,  which  is  what  all  the  major  e-commerce 
sites  have  done,”  says  Robert  Whiteley  senior 
analyst  with  Forrester  Research.  “The  vast 
majority  of  the  market  is  still  in  need  of  mak¬ 
ing  sure  employees  have  better  access  to  the 
Web.” 

OpenDNS  pioneers  free  DNS 

OpenDNS  is  the  pioneer  in  the  area  of  free 
DNS  services. 

Launched  18  months  ago,  OpenDNS  pro¬ 
vides  what  it  says  is  a  faster,  more  reliable  alter¬ 
native  to  DNS  services  offered  by  ISPs. 
Individuals  and  companies  sign  up  for  the  free 
OpenDNS  service,  and  it  handles  their  DNS 
queries  for  them. 

OpenDNS  makes  money  by  selling  advertis¬ 
ing  on  its  redirection  service.  When  users  type 
a  wrong  address  in  their  browsers,  OpenDNS 
redirects  them  to  the  most  likely  site. The  redi¬ 
rection  page  has  advertisements.  OpenDNS 
also  provides  Web  content-filtering  services 
and  operates  PhishTank.com,  a  community 
site  that  fights  phishing. 

Originally  focused  on  consumers,  OpenDNS 
says  its  customer  base  has  grown  to  3  million 
users,  including  10,000  schools  and  thousands 
of  small-to-midsize  businesses. 

“ISPs  are  not  that  good  at  DNS,”  says  David 
Ulevitch,  president  of  OpenDNS. “That’s  why  a 
lot  of  people  are  starting  to  unbundle  DNS 
from  their  ISPWe  can  offer  more  features  and 
more  control  over  their  network.  DNS  is  the 
unsung  hero  of  the  Internet.  When  it  goes 
away,  it’s  a  massive  disaster.  But  when  it  works, 
nobody  thinks  about  it.” 


HIPPY  25TH  BIRTHDAY 

DNS  was  first  discussed  by  its  cre¬ 
ator,  Paul  Mockapetris,  in  January 
1983.  It  was  first  tested  success¬ 
fully  in  June  of  that  year. 


OpenDNS  counts  among  its  enterprise  cus¬ 
tomers  Jackson  Public  Schools,  the  largest 
school  district  in  Mississippi,  with  36,000  users. 
The  school  district  processes  as  many  as 
15,000  DNS  requests  per  hour  from  its  stu¬ 
dents,  teachers  and  administrators. 

OpenDNS’  service  has  been  “rock-solid  for 
us,” says  Gavin  Guynes,  director  of  information 
technology  services  with  Jackson  Public 
Schools,  which  switched  from  BellSouth’s  DNS 
service  to  OpenDNS  a  year  ago.“We’ve  seen  no 
drawbacks  to  date.” 

Guynes  says  he  likes  the  extra  services 
offered  by  OpenDNS,  including  the  redirection 
service  and  Web  filtering.“We’re  trying  to  com¬ 
bat  spyware,  spam  and  all  of  that,”  he  says. 
“People  have  a  tendency  to  misspell  stuff  and 
go  to  sites  they  shouldn’t.  OpenDNS  cuts  down 
on  a  lot  of  that.”  Guynes  adds  that  OpenDNS’ 
performance  “has  been  great . . .  and  the  relia¬ 
bility  has  been  perfect.” 

Ulevitch  says  OpenDNS  offers  more  than 
recursive  DNS  services.  For  example,  Open¬ 
DNS  will  announce  this  month  that  it’s  able  to 
block  30  additional  Web-site  categories,  includ¬ 
ing  gambling  and  social-networking. 

“What  we’re  really  providing  to  people  is 
control  over  DNS,  which  is  what  every  IT 
administrator  needs,”  Ulevitch  says.  “We’re  try¬ 
ing  to  give  people  as  much  information  as  pos¬ 
sible,  including  stats  about  their  DNS  usage, 
their  top  50  domains.  We  give  them  the  ability 
to  block  Facebook  or  MySpace.  And  we  run 
the  industry-leading  antiphishing  service.” 
“OpenDNS  is  appropriate  for  any  corporate 
environment.  Companies  have  nothing  to  lose 
by  trying  it  out,”  Ulevitch  says. 

NeuStar  enters  fray 

The  newcomer  to  the  free  DNS  arena  is 
NeuStar,  which  launched  its  DNS  Advantage 
service  in  December. 

NeuStar  operates  the  .biz  and  .us  top-level 
domains.  In  2006,  NeuStar  bought  UltraDNS,  a 
service  provider  that  offers  managed  external 
DNS  services.  Now  NeuStar  is  offering  free 
recursive-DNS  services  to  the  7,000  corpora¬ 
tions  that  already  use  its  managed  external 
DNS  services,  as  well  as  any  other  company 
that  wants  to  sign  up. 

NeuStar  says  a  dozen  enterprise  customers 


of  its  managed  external  DNS  services  already 
have  signed  up  for  DNS  Advantage.  One  early 
customer  is  InVision  Networks,  a  Burr  Ridge, 
Ill.,  systems  integrator. 

“We  decided  to  make  the  switch  from  using 
in-house  recursive-DNS  services  to  using  DNS 
Advantage  because  we  were  interested  in 
enhancing  the  overall  reliability  and  perform¬ 
ance  of  the  Internet  experience  for  our  end 
users,”  InVision  president  Brian  Young  said  in  a 
statement. 

NeuStar  says  it  has  more  DNS  servers 
deployed  around  the  globe  than  OpenDNS, 
and  a  more  robust  DNS  infrastructure  to  sup¬ 
port  its  paid  services. 

“We  have  20  publicly  available  DNS  servers 
around  the  world,  as  well  as  locations  inside 
the  networks  run  by  AOL,  Comcast, Yahoo  and 
AT&T’  says  Ben  Petro,  senior  vice  president  of 
NeuStar  Ultra  Services.“Our  DNS  servers  are  in 
Equinix  locations,  with  quad  Gig  Ethernet 
capabilities  and  multiple  service  providers.We 
have  no  single  point  of  failure.” 

NeuStar  is  using  the  same  DNS  infrastructure 
for  its  free  recursive-DNS  service  that  it  uses  for 
managed  external-DNS  services  provided  to 
Amazon.com,  Forbes.com  and  others. 

“Seventeen  of  the  top  20  e-commerce  sites 
are  on  our  managed  service,”  Petro  says. 
“They  pay  thousands  of  dollars  a  month  for 
this  service.” 

NeuStar  admits  it  isn’t  offering  free  recursive- 
DNS  services  as  a  charity  case.  The  company 
says  the  knowledge  it  will  gain  about  trends  in 
DNS  use  by  offering  recursive  DNS  will  help 
improve  the  quality  of  its  highly  profitable 
managed  external-DNS  services. 

“Let’s  assume  Amazon.com  has  a  failure 
within  their  time-to-live  window. That’s  the  win¬ 
dow  of  time  they  set  to  change  their  DNS 
records.  There’s  nothing  they  can  do.  They 
have  to  wait  for  the  time-to-live  window  to 
expire.  But  if  we  manage  their  external  DNS 
service,  we  can  change  their  time-to-live  win¬ 
dow  wherever  we  provide  recursive-DNS  ser¬ 
vices,”  Petro  explains.The  more  recursive-DNS 
services  we  provide,  the  faster  and  more  reli¬ 
able  our  other  managed  DNS  services 
become.  .  .  .  Offering  recursive-DNS  services 
helps  our  traffic  management  and  load  bal¬ 
ancing  tools,  too.” 

Petro  says  NeuStar’s  DNS  Advantage  is  faster, 
more  reliable  and  more  secure  than  what  ISPs 
offer.  The  service  includes  Web  filtering,  typo 
redirection  and  protection  against  distributed 
denial-of-service  attacks. 

“It’s  not  a  gift,”  Petro  says. “It’s  something  that 
absolutely  enables  us  to  improve  our  man¬ 
aged  services.  Our  [external  DNS]  customers 
will  pay  more  if  our  services  are  highly  tunable 
all  the  way  down  to  the  recursive  level.”  ■ 
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How  to  Protect  and  Improve  System  Performance 

The  Top  Ten  Points  to  Know  about  Fragmentation 


I  professionals  are  heroes  of  the  workplace.  Whether  with  cunning 
wit  or  a  Phillip’s  head  screwdriver,  they  solve  most  any  computer 
emergency.  However,  keeping  a  computer  running  at  top  speed 
is  usually  preventative  maintenance  instead  of  last-minute,  adrenaline- 
surging,  virus-vaccinating  heroics. 


Here  are  10  key  points  to  maintain  peak 
performance  across  any  network: 

1.  The  hard-disk  is  the  slowest  part  of  any 
system. 

Say  you  are  operating  a  2.5  GHz  processor. 
That’s  2.5  billion  operations  every  second. 

A  large  number  of 
hard  disks  only  spin 
at  7200  rotations  per 
minute,  or  120  cycles 
per  second,  or  120 
Hz.  This  means  your 
CPU  is  more  than  20 
million  times  faster 
than  the  hard  disk.  The  hard  disk  still  has  me¬ 
chanical  components.  Think  Terminator  2®, 
when  a  mechanized  Schwarzenegger  is 
outclassed  by  the  faster,  smarter  T-1000. 
When  the  slowest  part  of  your  computer  is 
making  unnecessary  reads,  the  entire  sys¬ 
tem  is  dragged  down. 

2.  Fragmentation  has  severe  affects. 

It’s  more  than  sluggish  and  crawling 
computer  speeds;  fragmentation  leads 
to  crashes,  hangs,  data  errors,  file 
corruption  and  boot-time  failures.  Files  that 
suffer  fragmentation  are  more  difficult  and 
take  longer  to  back  up.  When  systems  are 
thoroughly  defragmented,  they  run  faster 
and  more  reliably — period. 

3.  Real-time  defragmentation  is  necessary. 

Many  companies  rely  on  24/7,  mission- 
critical  servers.  Taking 
these  systems  offline 
for  maintenance  is 
not  an  option.  But, 
having  a  server  with 
I/O  bottlenecks  is 
also  not  an  option. 
Only  real-time,  in¬ 
visible  defragmentation  fixes  this  catch- 
22  situation. 

4.  Give  your  systems  faster-than-new  speeds. 

NTFS  best-fit  attempts  for  file  placement 
on  hard  drives  are  limited.  Diskeeper®  2008 
comes  with  a  new  technology  called 
I-FAAST™  (Intelligent  File  Access  Ac¬ 
celeration  Sequencing  Technology)1  that 
re-sequences  your  files.  So,  in  addition 
to  consolidating  free  space,  defragment¬ 
ing  with  Diskeeper  boosts  access  to  your 


most  frequently  used  files  by  as  much  as 
80%.  I-FAAST  gives  systems  faster-than- 
new  speeds. 

5.  Servers  are  especially  susceptible. 

While  disk  striping  improves  physical 
I/O  capacity  and  per¬ 
formance,  RAID  and 
SAN  systems  simply 
do  not  fix  fragmenta¬ 
tion  where  it  begins — 
at  the  file  system. 
Enormous  volumes 
with  heavy  read/ 
write  activity  lead  to  astronomical  fragmen¬ 
tation  rates,  making  RAID  and  SAN  work 
harder  than  they  should.  The  efficiency 
of  RAID  and  SAN  may  lessen  some  of 
the  physical  effects  of  fragmentation,  but 


fragmentation  is  never  eliminated.  You’ll 
need  to  buy  more  and  more  equipment  to 
compensate.  Sooner  or  later,  the  tortoise 
catches  the  hare,  and  your  system  suffers 
I/O  bottlenecks  and  slow  server  speeds. 

6.  Operate  without  interrupting  productivity. 

The  new  InvisiTasking™  technology  makes 
software  transparent.  Diskeeper  2008 
with  InvisiTasking  will  work  invisibly  in 
the  background;  only  using  untapped  re¬ 
sources.  Systems  are  continually  improved 
without  any  management  or  impact  on  a 
system’s  usability. 

7.  Defragment  despite  minimal  free  space. 

The  purpose  of  defragmentation  is  to 
restore  lost  speed  and  performance.  A 
defrag  engine  must  be  able  to  operate  in 
limited  free  space,  because  drives  with 
extremely  limited  free  space  are  the  ones 
in  need  of  the  most  help.  Diskeeper  2008 
handles  millions  of  fragments  and  can 
function  with  as  little  as  1%  free  space. 

8.  Stop  fragmentation  before  it  happens. 

Diskeeper  2008  comes  with  Frag  Shield'" 
2.0,  a  technology  that  automatically  defends 
against  fragmentation  of  critical  system  files. 


Frag  Shield  2.0  prevents  crash-inducing 
fragmentation.  It’s  like  Superman  saving  the 
day — two  days  before  there’s  a  problem. 

9.  Auto-defrag  breathes  life  into  systems. 

It  keeps  systems  at  optimum  speeds 
and  eliminates  fragmentation-related 
performance  issues.  Thoroughly  defragging 
systems  adds  2-3  years  onto  the  hardware’s 
useful  life.2 

10.  Analyze  your  network’s  performance. 

Poor  performance  on  a  remote  system  can 
easily  be  mistaken  for  a  slow  network.  Get 
Disk  Performance  Analyzer  for  Networks™. 
This  free  utility  scans  networked  systems 
for  fragmentation.  See  for  yourself  how 
fragmentation  is  affecting  your  systems. 
This  groundbreaking  program  will  provide 
comprehensive  reports  on  how  system 
speeds  will  improve  with  thorough  defrag¬ 
mentation.  Visit  www.diskeeper.com/nwll 
and  get  this  free,  must-have  utility. 

Diskeeper  2008  is  the  only  fully- 
automated  defragmentation  program.  It 
operates  invisibly  in  the  background  and  it 


dynamically  adapts  defragmentation  strate¬ 
gies  to  fit  the  needs  of  individual  volumes. 
With  new  defrag  engines,  Diskeeper  2008 
restores  performance  on  volumes  with  as 
little  as  1%  free  space.  Get  rid  of  slows, 
bottlenecks,  and  fragmentation-induced 
crashes.  Visit  www.diskeeper.com/nw9 

1  Available  on  Pro  Premier,  Server  and  EnterpriseServer  editions. 

2  See  white  paper  at  www.diskeeper.com/nwpaper1 
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Maximizing  Performance  and  Reliability — Automatically ™ 

Try  it  FREE  for  45  days! 

Download  a  free  trial  at 

www.diskeeper.com/nw9 

(Note:  Special  45-day  trialware  is 
only  available  at  the  above  link) 

Volume  licensing  and  Government/Education  discounts  are 
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IBM  exec  chats  up  Google  relationship 


IBM  and  Google  might  seem  like  polar  opposites 
in  the  world  of  technology,  yet  the  companies  have 
a  budding  partnership  around  cloud  computing 
that  seeks  to  combine  the  best  features  of  business 
computing  with  the  Internet.  Steve  Mills,  the  senior 
vice  president  and  group  executive  for  IBM's  soft¬ 
ware  business  since  July  2000,  explained  the  goals  of  the  IBM- 
Google  relationship  to  Network  World  Senior  Writer  Jon  Brodkin 
in  an  interview  this  week  at  IBM's  New  York  City  offices. 


IBM  teamed  up  with  Google  last  October 
for  a  cloud-computing  initiative  that,  in 
IBM’s  words,  will  promote  open  stan¬ 
dards  and  new  software  methods  “that 
will  drive  the  growth  of  the  next  genera¬ 
tion  of  the  Internet."  What  exactly  are 
you  attempting  to  achieve? 

Let’s  try  to  put  a  little  definition  around 
some  of  this.  Broadly  defined,  this  Internet 
cloud  we  connect  to  has  a  certain  set  of 
attributes  related  to  the  way  in  which  appli¬ 
cations  get  scattered  across  it  and  the  way 
we  access  them.  Google  certainly  is  one  of 
those  companies  that  people  identify  with¬ 
in  the  context  of  the  Internet.  They  deliver  a 
largely  stateless  environment  to  people. The 
question  is  whether  this  highly  dynamic 
type  of  deployment  environment  can  be 
made  richer  [and]  more  manageable,  and 
[whether]  more  significant  application 
capability  can  be  dynamically  scheduled. 
Besides  having  to  maintain  the  state  of 
someone’s  transaction  or  activity,  you  have 
to  persist  their  data.  And  finally  you  [have 
to]  flexibly  schedule  those  resources  to  get 
some  of  the  attributes  of  this  highly  dy¬ 
namic,  Google-like  environment  and  still 
ensure  you’re  running  things  the  way  you 
want  to  run  it,  which  is  typical  of  the  corpo¬ 
rate  data-center  environment. 

So,  how  will  you  achieve  this  merger 
of  Internet  and  corporate  computing 
capabilities? 

Obviously  you’ve  got  to  catalogue  your 
configurations  with  greater  care. You  have 
to  have  a  comprehensive  picture  of  your 
resources,  so  you  think  about  how  much 
storage  is  required,  how  much  network 
connection  is  required,  how  much  com¬ 
pute  is  required.You  have  to  think  about 
these  characteristics  of  what  you’re  deploy¬ 
ing  the  application  to  with  greater  specific¬ 
ity  because  the  application  doesn’t  really 


lend  itself  to  being  broken  up  and  spread. 

It  needs  to  have  a  place  to  go,  and  if  it’s 
going  to  perform,  its  data  has  to  be  close  to 
it. That’s  what  you  deal  with  in  the  enter¬ 
prise  world. That  is  the  concept:  How  do 
you  apply  cloud  attributes  to  corporate 
computing? 

How  extensive  will  your  partnership 
with  Google  become? 

It’s  hard  to  predict  where  these  things  go. 
We  each  make  money  in  different  ways. 
Everyone  wants  to  write  about  the  things 
Google  could  do  in  the  future,  and  that  cre¬ 
ates  this  aura  of  the  Google  possibilities. 

But  as  we  all  know,  the  business  is  nearly 
100%  grounded  in  the  core  advertising- 
revenue-generating  model,  and  many  of  the 
incremental  services  and  capabilities 
they’re  rolling  out  are  geared  more  toward 
the  consumer  than  the  business  buyer. 
These  kinds  of  dynamic  scheduling  of  busi¬ 
ness  applications  is  something  where  IBM 
technology  can  be  brought  to  bear  in  the 
context  of  Google’s  infrastructure  to  poten¬ 
tially  give  them  more  leverage  on  where 
they  want  to  take  Google.  We  look  at 
Google  as  a  customer  in  this  sense:  They’re 
a  potential  customer  for  our  technology  If 
they  build  up  a  more  significant  delivery 
capability  into  businesses,  especially  small 
businesses,  there  might  be  a  business 
opportunity  there  for  us  to  work  together. 

You  talk  about  changing  the  Internet. 
How  is  it  going  to  be  different  for  the 
average  user? 

The  average  user  is  obviously  going  to  be 
paying  attention  to  what’s  possible  on  the 
Internet,  what  kind  of  application  ser¬ 
vices  are  available,  how  much  more  reli¬ 
able  and  secure  that  environment  be¬ 
comes  for  your  data  and  information.  I 
think  everybody  is  excited  about  the  Web 


2.0  and  mashup  capabilities. This  idea 
that  an  application  doesn’t  have  to  exist 
in  one  place,  but  can  be  a  composite  of 
multiple  pieces  coming  from  multiple 
places,  is  a  very  powerful  model  facilitated 
by  Web  2.0. 

Does  the  software-as-a-service  trend 
pose  any  challenges  to  IBM? 

It  provides  a  challenge  to  us  in  [this] 
context:  Who  our  customer  is  is  shifting. 
Not  wholesale,  but  it  continues  to  move. 
It  moves  to  a  process  outsourcer,  who 
then  becomes  our  customer  in  effect.  We 
need  to  know  who  those  customers  are. 
Our  challenge  is  to  track  what’s  happen¬ 
ing  and  go  out  and  sell  our  products  to 
them. They’re  clearly  taking  the  place  of 
what  might  have  been  a  traditional  cus¬ 
tomer  we  had  been  selling  to  that  no 
longer  needs  software  and  hardware  to 
do  that  job. 

IBM’s  software  group  just  announced 
some  revenue  increases  with  Lotus, 
information  management,  Tivoli,  Web¬ 
Sphere  and  other  products.  What’s  been 
driving  this  growth? 

We’re  a  $20  billion  software  business, so  in 
order  for  it  to  grow,  the  whole  thing  has  to 
lift.  We  don’t  have  the  luxury  of  focusing  on 
one  area  and  not  others.  It  is  the  world’s 
largest  software  portfolio.  We’re  not  as  big  as 
Microsoft  as  a  software  company,  but  our 
portfolio  is  substantially  larger.  We  don’t  get 
the  kind  of  money  from  a  single  product 
like  Windows  as  they  do.  Windows  and 
Office  fuel  a  huge  amount  of  revenue  and 
profit  for  Microsoft.  We  don’t  have  those 
franchises. 

IBM  plans  to  establish  a  cloud-comput¬ 
ing  center  for  software  companies  in 
China.  What  is  driving  your  emphasis  in 
that  part  of  the  world? 

The  market  in  China  is  advancing  quickly 
It’s  a  double-digit-growth  technology  mar- 
ket.You  have  a  lot  of  businesses  there  look¬ 
ing  at  new  models  and  innovative  ideas. 
Obviously  it’s  a  market  that’s  not  as  mature 
as  the  G8-country  markets.  But  it’s  on  a 
rocket  in  terms  of  how  they’re  working  to 
leapfrog,  therefore  there’s  a  lot  of  opportu¬ 
nity  and  a  lot  of  interesting  project  work.B 

■  Read  the  entire  interview  with 

Steve  Mills  at  www.nwdocfinder. 

com/3857 
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Looking  for  that  special  solution? 

Take  a  moment  to  discover  what  thousands  of  other  IT  professionals  already  know  -  log  on  to  techie-harmony  today! 


“I  never  thought  I  was  the  type  of  person  that 
would  find  an  AD  solution  online.  Boy,  was  I  wrong!” 

-Meg  D,  FL 


“Before  techie-harmony,  I  spent  long  hours  by  myself  in  the 
server  room,  trying  to  manage  2000  users  with  a  combination 
of  native  tools  and  logon  scripting- 1  feel  like  I  have  a  whole  new  life!” 

-John  C,  California 


“After  trying  several  other  solutions,  I  was  tired  of  being  disappointed. 
But  with  techie-harmony's  help,  I  was  able  to  find  solutions  that  helped 
me  getover  my  HIPAA  compliance  issues!" 

-Michael  P,  NY  •  'l0l 
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techie  -  harmony  .com 

can  match  you  with 
the  IT  solution  of  your  dreams! 


“Whether  you’re  an  admin  looking  for  a  desktop 
management  solution,  a  manager  looking  to  manage 
Active  Directory  more  efficiently,  or  a  CIO  dreaming 
of  securing  his  server  data,  techie-harmony  can 
help.  Take  a  moment  to  discover  what  thousands 
of  other  IT  professionals  alreadyknow-  log  on 
to  techie-harmony  today!” 

-Dr.  Barney  Wyans,  Founder 
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Antiphishing 

continued  from  page  1 

Fenton,  a  distinguished  engineer  with  Cisco 
and  one  of  the  authors  of  the  standard. “DKIM 
isn’t  going  to  put  an  end  to  phishing,  but  I’m 
confident  that  DKIM  is  going  to  make  it  harder 
for  phishing  attacks  to  occur 

Under  development  since  2004,  DKIM  finally 
is  reaching  a  critical  mass.  It’s  expected  to  be 
widely  deployed  this  year,  particularly  in  finan¬ 
cial  services  and  e-commerce  firms.  Early 
adopters  include  Bank  of  America,  American 
Greetings  and  Cisco. 

“My  guess  is  that  probably  half  of  the  Fortune 
1000  will  be  DKIM  signing  in  2008,”  predicts 
Greg  Olson,  director  of  product  management 
at  Sendmail,  which  started  shipping  a  DKIM- 
compliant  e-mail  appliance  in  November. 

DKIM  allows  an  organization  to  insert  a  cryp¬ 
tographic  signature  in  outbound  e-mail  and 
associate  that  signature  with  its  domain  name. 
The  signature  travels  with  the  e-mail  regardless 
of  its  path  across  the  Internet.  The  recipient  of 
the  e-mail  can  use  the  signature  to  validate  that 
the  message  came  from  the  organization’s 
domain  name.  (See  our  story  on  deploying 
DKIM  at  www.nwdocfinder.com/3832.) 

“Right  now,  a  receiver  of  a  message  has  no 
confidence  that  the  message  they  are  receiving 
is  from  whom  it  claims  to  be  from,”  Olson 
explains.“DKIM  is  a  way  to  permit  a  receiver  of 
a  message  to  validate  that  a  message  is,  in  fact, 
from  whom  it  claims  to  be  from.” 

DKIM  won’t  eliminate  e-mail  fraud  altogether, 
but  it  will  help  companies  that  are  targets  of 
phishing  scams  give  their  customers  a  way  of 
ensuring  they  sent  a  particular  message. 

“If  the  receiver  has  confidence  that  an  e-mail 
that  claims  to  be  from  Bank  of  America  is  from 
Bank  of  America,  then  they  are  not  going  to 
worry  that  someone  is  trying  to  steal  their 
Social  Security  number;”  Olson  says. 

DKIM  is  a  merger  of  two  protocols:  Domain- 
Keys,  which  was  created  by  Yahoo,  and 
Identified  Internet  Mail,  which  was  created  by 
Cisco. These  companies  along  with  other  mes¬ 
saging  vendors  and  ISPs  are  working  with  the 
IETF’s  DKIM  working  group  on  technical  spec¬ 
ifications,  which  are  almost  done. 

The  IETF’s  DKIM  working  group  is  still  tweak¬ 
ing  the  Sender  Signing  Practices  (SSP),  which 
is  a  document  that  will  describe  how  senders 
can  provide  information  in  their  DKIM  records 
for  recipients  to  use  in  deciding  what  steps  to 
take  with  messages  received  from  the  sender. 

“If  I  sign  all  my  mail  and  you  get  a  message 
that  purports  to  come  from  me  that’s  not 
signed,  then  you  can  assume  that  message  is 
not  from  me,”  Olson  explains.  “That  policy 
would  be  in  the  DNS  record  associated  with 
the  sender. The  SSP  is  in  its  10th  draft  right  now. 
...  I  hope  it  will  be  done  soon.” 

Network  vendors  say  DKIM  is  ready  for 
deployment.  In  November,  20  ISPs  and  messag¬ 
ing  vendors  conducted  an  interoperability  test 
of  their  DKIM  deployments. 

Vendors  that  participated  in  the  DKIM 


Protecting  the  mail 

Percent  of  legitimate  e-mail  sent 
from  organizations  that  is 
authorized  using  DKIM  or  another 
approach,  dubbed  Sender  ID: 
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interoperability  test  say  the  standard  works, 
and  that  no  technical  stumbling  blocks  were 
discovered. 

DKIM-compliant  software  and  appliances  are 
available  today  from  Sendmail,  IronPort,  Alt-N 
Technologies,  Message  Systems,  Port25 
Solutions,  StrongMail  Systems  and  others. 

DKIM  adoption  is  accelerating,  especially 
among  banks,  mortgage  companies  and  insur¬ 
ance  companies. 

“There  will  be  rapid  adoption  of  DKIM,”  says 
Charles  Stiles,  director  of  worldwide  business 
development  for  Goodmail,  a  certified  e-mail 
service  that  will  support  DKIM  in  May“The  stan¬ 
dard  is  proving  to  be  very  successful. The  best 
and  brightest  people  in  the  world  worked  on  it. 
It  offers  up  a  foolproof,  spoof-proof  way  to 
authenticate  messages.” 

BITS,  a  group  of  100  of  the  largest  U.S.  finan¬ 
cial  institutions,  last  year  recommended  that  its 
members  adopt  DKIM  by  October  2008.  BITS 
also  recommended  two  other  standards  for 
securing  e-mail: Transport  Layer  Security  which 
encrypts  e-mail  messages  between  servers;  and 
either  Sender  ID  Framework  or  Sender  Policy 
Framework  (SPF)  to  validate  that  a  received 
e-mail  originates  from  an  authorized  mail  serv¬ 
er  within  a  particular  domain.  (See  our  story 
on  Microsoft-backed  Sender  ID  e-mail  security 
technology  at  www.nwdocfinder.com/3833.) 

“What  BITS  is  doing  here,  with  all  of  its  mem¬ 


bers  speaking  in  one  voice  with  such  a  massive 
impact, gives  people  confidence  in  DKIM,” says 
Patrick  Peterson,  vice  president  of  technology 
for  IronPort,  an  e-mail  appliance  vendor  that 
supports  DKIM.“It  s  unlike  anything  we’ve  seen” 
in  terms  of  driving  DKIM  adoption. 

ISPs  are  adopting  DKIM  because  they  want 
to  protect  their  customers  against  spam  and 
phishing  scams.  E-mail  senders  are  trying  to 
protect  their  brands,  identities  and  customers 
from  phishing  scams. 

PayPal  and  eBay  have  teamed  with  Yahoo  to 
battle  phishing  attacks  with  DKIM.  PayPal  and 
eBay  are  signing  their  e-mails  with  DKIM,  and 
Yahoo  Mail  will  block  e-mails  claiming  to  be 
sent  by  eBay  and  PayPal  that  haven’t  been 
signed  through  DKIM. 

“EBay  and  PayPal  have  always  attracted 
fraudsters,  phishers  and  all  that.  Our  customers 
see  too  much  e-mail  that  isn’t  coming  from  us,” 
says  Mike  Vergara,  director  of  account  protec¬ 
tion  at  PayPal,  which  is  owned  by  eBay  (read 
our  Q&A  with  Vergara  at  www.nwdocfinder 
.com/3855). “DKIM  takes  a  good  industrywide 
standards  approach.  We  need  to  add  strong 
authentication  to  our  e-mails  so  customers  can 
have  confidence  that  it  did  come  from  us.  And 
we  need  to  get  ISPs  to  leverage  that  so  we  can 
say  to  them:  If  it  didn’t  come  from  us,  please 
don’t  deliver  it.” 

PayPal  is  deploying  DKIM  after  already  rolling 
out  SPF  a  complementary  Microsoft-backed 
standard  that  is  an  extension  to  the  Simple 
Mail  Transfer  Protocol.  SPF  lets  software  reject 
e-mail  coming  out  of  forged  “from”  addresses. 

Vergara  says  the  hardest  part  about  deploy¬ 
ing  DKIM  was  documenting  PayPal’s  e-mail 
infrastructure  to  determine  all  the  systems  and 
domains  that  send  e-mail  to  customers. 

“There’s  no  one  postmaster  at  eBay  or  PayPal. 
It  took  a  lot  of  time  to  figure  out  all  the  e-mails 
we  were  sending  —  transactional  e-mails,  mar¬ 
keting  e-mails,  customer  support  e-mails  — 
and  where  they  were  coming  from  around  the 
world/Vergara  says.“Getting  our  hands  around 
that  took  us  12  months.  Rolling  out  e-mail 
appliances  and  upgrading  them  to  DKIM  took 
a  couple  of  weeks.” 

Vergara  says  DKIM  works.  He  says  Yahoo 
has  blocked  hundreds  of  thousands  — 
sometimes  millions  —  of  messages  per  day 
that  supposedly  came  from  eBay  or  PayPal 
but  weren’t  legitimate  because  they  weren’t 
DKIM  signed. 

Now  PayPal  is  in  discussion  with  other  ISPs  to 
convince  them  to  block  messages  from  either 
PayPal  or  eBay  that  aren’t  signed  with  DKIM. 

“We  can’t  solve  this  e-mail  fraud  problem  on 
our  own, ’’Vergara  says.“We  are  trying  to  light  a 
fire  under  the  ISPs  to  help  us  solve  this  prob¬ 
lem  for  the  people  who  use  our  services.” 

DKIM  has  its  limitations.  A  minority  of 
companies  is  signing  their  outbound  mes¬ 
sages  with  DKIM,  and  fewer  still  are  check¬ 
ing  for  DKIM  signatures  on  inbound  mail. 
But  backers  of  the  technology  hope  this 
problem  will  be  eliminated  as  ISPs  and 
banks  deploy  DKIM.B 


24  •  FEBRUARY  11,  2008  •  www.networkworld.com 


Line  up  network  problems. 


You've  got  an  eyewitness. 

Is  it  a  network,  application,  or  security  problem?  Find  out  instantly  with  the 
Network  Instruments®  GigaStor™  appliance.  No  other  analysis  device  can 
quickly  isolate  the  issue  to  provide  valuable  retrospective  analysis  and  security 
forensics.  Every  transaction  is  recorded,  making  it  easy  to  go  back  in  time  to 
determine  not  only  when  the  anomaly  took  place,  but  why. 

Resolve  intermittent  problems,  track  compliance,  isolate  VoIP  quality 
issues,  identify  zero-day  attacks  and  more  on  WAN,  Gigabit  and  10  GbE 
networks.  Reduce  network  complexity  with  the  GigaStor.  Because  when  it 
comes  to  your  network,  everything  is  a  suspect. 

GigaStor:  Get  proof.  Take  action.  Move  forward. 


NETWORK 

INSTRUMENTS 


Learn  more  about  GigaStor.  800-526-5958 

www.Networklnstruments.com/eyewitness 


©  2007  Network  Instruments,  LLC.  All  rights  reserved.  GigaStor,  Network  Instruments,  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 


NEWS  ANALYSIS 


ICA 

continued  from  page  1 

jointly  that  combine  Nortel’s  voice  technology 
with  Microsoft’s  application  expertise  for  a  uni¬ 
fied  communications  market  that  was  worth 
$26.5  billion  last  year  and  is  expected  to  near 
$50  billion  by  2012,  according  to  In-Stat  and 
Wainhouse  Research.  Six  months  after  forming 
ICA,  Microsoft  CEO  Steve  Ballmer  and  Nortel 
CEO  Mike  Zafirovski  updated  reporters  and 
analysts  with  a  road  map  for  2007  and  2008. 

Offerings  announced  at  that  time  included 
Converged  Office,  Integrated  Branch,  Session 
Initiation  Protocol  interoperability  between 
Nortel’s  Communications  Server  1000  and 
Microsoft’s  Exchange  Server  2007,  and  integra¬ 
tion  between  Nortel’s  Multimedia  Confer¬ 
encing  5.0  system  and  Microsoft’s  Office  Com¬ 
municator  2007. 

“We  are  very  much  on  plan  and  delivering 
the  products,  which  were  outlined  by  the 
CEOs,” says  Ruchi  Prasad,  Nortel  vice  president 
and  general  manager  for  ICA. 

General  availability  of  more  ICA  products  is 
expected  to  be  announced  next  month  at  VON. 

ICA  is  viewed  as  a  deep  relationship  heavy 
on  joint  development  and  product  consolida¬ 
tion.  Other  multivendor  interoperability  and 
integration  strategies  are  more  superficial.  For 
example,  Nortel  and  Cisco  recently  agreed  to 
integrate  IBM’s  Lotus  Sametime  software  into 
their  unified  communications  products,  but 
those  are  looser  agreements  of  support  rather 
than  combined  development  of  new  products. 

The  vision  of  Cisco,  which  last  year  bought 
Web  conferencing  company  WebEx  in  a  multi¬ 
billion  dollar  deal,  is  that  the  network  should 
be  the  nerve  center  of  a  unified  communica¬ 
tions  setup. 

Nortel  and  Microsoft  argue  that  ICA  differs 
from  other  unified-communications  initiatives 
in  that  it  leverages  the  ubiquity  of  Microsoft’s 
enterprise  desktop  and  server  software, 
enhanced  with  more  than  100  years  of  tele¬ 
com  expertise  form  Nortel. 

ICA  is  key  to  Nortel’s  increasing  reliance  on 
software  and  services  for  future  growth.  ICA 
sales  have  been  a  contributor  to  the  company’s 
enterprise  division  realizing  four  consecutive 
quarters  of  double-digit  year-over-year  growth, 
Prasad  says.  Customers  are  buying  Nortel  CS 
1000  platforms  —  the  company’s  IP  PBX  — 
integration  licenses,  services,  applications  and 
data  products  across  the  enterprise  portfolio, 
she  says. 

Carriers  also  are  interested  in  the  ICA  for 
their  own  internal  requirements,  as  well  as 
managed  service  rollouts,  according  to  Nortel. 
Swisscom  just  completed  a  trial  of  the  CS  2000 
softswitch  natively  integrated  with  Office 
Communications  Server  (OCS)  2007,  Prasad 
says. “Customers  . .  .are  looking  for  Nortel  and 
Microsoft  to  provide  this  bridge  to  the  future 
where  voice  becomes  an  application  in  a  PBX- 
less  environment  and  deliver  the  road  map 
and  take  them  across  this  bridge,”  she  says. 

Some  customers  are  anxious  to  try  ICA  prod- 


Nortel,  Microsoft  team  up 

A  rundown  of  the  first  batch  of 
jointly  developed  unified  communi¬ 
cations  offerings  from  the  pair: 

Converged  Office:  Lets  users  make 
VoIP  calls,  send  instant  messages  or 
check  other  users’  online  presence  with¬ 
out  having  to  toggle  among  applications. 

Integrated  Branch:  Includes  Nortel’s 
Secure  Router  4134  to  deploy  the 
Converged  Office  unification  ofVolP,  e- 
mail,  instant  messaging  (IM)  and  other 
communications  across  an  enterprise’s 
remote  offices. 

Nortel  Multimedia  Conferencing/ 
Microsoft  Office  Communicator  2007 
combination:  Allows  for  one  client 
experience  across  applications  such  as 
e-mail,  voice,  IM,  presence,  and  audio- 
and  videoconferencing. 

Native  SIP  interoperability  across 
Nortel’s  Communications  Server 
1000  and  Microsoft’s  Exchange 
Server  2007:  Will  enable  the  platforms 
to  share  a  signaling  scheme  for  unified 
communications  and  VoIP  sessions  that 
include  Microsoft  messaging  and  calen¬ 
dar  applications. 


ucts.  Bruce  Meyer,  director  of  network  services 
at  ProMedica  Healthcare  in  Toledo,  Ohio,  is 
waiting  for  a  video-and  audioconferencing  sys¬ 
tem  based  on  Nortel’s  Multimedia  Com¬ 
munications  Server  5100  product  to  save 
money  on  travel  and  on  telecommunications 
services.  He  expects  to  see  something  this 
quarter  or  next. 

“It’s  a  unique  alliance  because  . . .  it’s  more 
than  stamping  logos  on  each  others’ sales  engi¬ 
neers’  cards  and  [shaking]  everybody’s  hand,” 
Meyer  says.“I  figured  12  months  was  probably 
pretty  good  before  we’d  really  start  to  know 
what  this  could  be.  Everything  prior  was  two 
big  companies  exploring  what  can  we  do  and 
can’t  we  do,  given  our  product  line.” 

Analysts  caution  any  ICA  sales  to  date  do  not 
include  a  completed  solution. 

“What’s  difficult  to  understand  when  they 
announce  a  joint  customer  is  what  products 
have  come  out  due  to  the  alliance,  and  what 
could  have  been  possible  without  the 
alliance,”  says  Elizabeth  Herrell  of  Forrester 
Research.“I  think  the  way  you’ll  track  it  eventu¬ 
ally  —  and  I  don’t  think  we  can  do  it  today  — 
is  like  when  OCS  comes  out  with  baked-in  tele¬ 
phony  features  that  are  from  Nortel. Then  we’ll 
see  if  they  have  a  fully  integrated  solution  as 
opposed  to  solutions  that  are  joined  with  gate¬ 
ways,  etc.” 

Herrell  expects  several  ICA  announcements 


this  year  that  will  demonstrate  the  gradual 
integration  of  the  companies’  products.  A  sin¬ 
gle  software  system  for  unified  communica¬ 
tions  will  appear  in  2010  when  the  alliance 
concludes, says  Zig  Serafin, general  manager  of 
Microsoft’s  unified  communications  group. 

With  this  software,  customers  will  be  able  to 
evolve  from  the  Nortel  Communications 
Server  1000  and  2000  IP  telephony  platforms  to 
an  OCS  call-management  system  enhanced  by 
Nortel  telephony  feature  modules,  he  says. 

It  will  be  one  software  system  “utilizing  IT 
infrastructure  and  management  tools  people 
have  been  used  to  in  the  Microsoft  environ¬ 
ment,”  Serafin  says. 

Some  analysts  believe  this  goal  puts  the 
future  of  some  Nortel  software  products  in 
doubt. 

“I  don’t  think  it’s  added  a  lot  to  Nortel’s  cred¬ 
ibility?’ says  Zeus  Kerravala  of  the  Yankee  Group. 
“In  many  ways,  it’s  added  a  lot  of  questions:  If 
you  were  a  customer  of  Nortel’s  before  and  you 
invested  in  things  like  their  unified  messaging 
software, should  you  indeed  continue  to  invest 
in  Nortel  software?  When  you  look  at  this 
alliance,  a  lot  of  it  seems  to  indicate  that  that’s 
going  to  fall  Microsoft’s  waj?’ 

Nortel  says  CallPilot,  its  unified  messaging 
software  “will  continue  to  serve  our  customers’ 
needs  whenever  appropriate.” 

“Nortel  must  be  able  to  provide  messaging  to 
customers  outside  the  ICA  agreement,”  a 
spokesman  says.  “Where  industry  consolida¬ 
tion  has  occurred  and  multiple  e-mail  plat¬ 
forms  exist,  CallPilot  can  bridge  across  the  sys¬ 
tems  providing  [unified  messaging]  to  all  users 
regardless  of  e-mail  system.  Nortel  also  sees 
some  vertical  markets  with  requirements  to 
store  voice  and  fax  messages  in  a  separate 
repository  from  email,  which  is  a  key  compo¬ 
nent  of  CallPilot’s  architecture.” 

The  long-term  future  of  Nortel’s  CS  1000  IP 
PBX  may  not  be  as  secure,  the  company  indi¬ 
cates.  “Softwarebased  VoIP  is  the  future  of 
voice,  and  Nortel  is  working  aggressively  with 
Microsoft  and  others  to  enable  voice  as  an 
application,”  the  spokesman  says. 

“That  said,  the  transition  to  that  vision  will 
happen  over  time.  While  software-based  voice 
solutions  like  Microsoft  OCS  may  be  appropri¬ 
ate  today  for  some  businesses,  most  enterprise 
customers  will  not  be  ready  to  trust  their  voice 
needs  to  such  major  network  transformation,” 
the  spokesman  adds. 

While  product  rationalization  plays  itself  out, 
the  alliance’s  more  immediate  goals  are  to 
ramp  up  the  number  of  integration-services 
specialists  trained  in  ICA  products.The  compa¬ 
nies  want  to  double  Nortel’s  300  Microsoft  cer¬ 
tified  engineers  over  the  next  year  and  triple  it 
in  two  years. 

Nortel  currently  holds  23%  of  all  Live 
Communications  Server  certifications  and  40% 
of  all  OCS  certifications,  Prasad  says.  Indeed, 
the  ICA  alliance  makes  Nortel  a  significant 
channel  for  Microsoft  as  it  looks  to  attain  lead¬ 
ership  in  enterprise  VoIP  IP  telephony  and  uni¬ 
fied  communications.  ■ 
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What  a  fragile  communications  web  we’ve  woven 


A  ubiquitous  Inte¬ 
rnet  requires  ubiq¬ 
uitous  connectivi¬ 
ty  and  we  are  doing 
quite  well  in  this  arena. 
Of  course,  there  are  sig¬ 
nificant  parts  of  the 
world  and  of  the 
United  States  where 
there  is  far  from 
enough  transmission 
capacity  but  those 
areas  are  shrinking  every  day 
What  we  don’t  have  in  too  many  places  is  the 
real  redundancy  required  for  high  reliability 
This  is  the  case  for  most  enterprises  and  too 
many  countries.  Few  enterprises  have  set  their 
networks  to  include  redundant  connections  to 
sites  or  buildings,  never  mind  redundancy  to 
phone  closets.  Quite  a  few  do  have  redundant 
Internet  connections,  but  in  many  cases  these 
connections  share  common  or  adjacent  physi¬ 
cal  facilities  (for  example,  fibers  or  conduits). 
Even  when  an  enterprise  has  paid  the  local 
phone  company  for  physically  diverse  redun¬ 
dant  paths  I  know  from  personal  experience 
that  the  phone  technicians  will  come  along  at 
some  point  and“fix”the  silly  longer  path  so  that 
it  is  shorter,  faster  and  more  efficient  and  —  it 
just  so  happens  —  in  the  same  fiber  as  the 
other  link. 

This  lack  of  redundancy  within  enterprises, 
and  thus  a  potential  lack  of  reliability  have  led 


many  telecom  experts  to  conclude  that  VoIP 
will  never  be  a  major  enterprise  telephony  solu¬ 
tion.  That  conclusion  mostly  seems  to  come 
from  old-line  telephone  folk  who  also  think  that 
VoIP  will  never  be  useful  without  central  quali¬ 
ty  management.  (1  heard  that  argument  as 
recently  as  two  weeks  ago.)  But  they  tend  to 
ignore  the  very  high  reliability  of  modern  net¬ 
work  equipment  and  the  near  ubiquity  of  cell 
phones.  Even  if  your  VoIP  desk  phone  were  to 
die, you  still  can  call  on  your  cell  phone.  In  this 
case,  the  redundancy  of  two  unrelated  commu¬ 
nications  systems  providing  the  same  service 
provides  for  almost  perfect  reliability 
What  got  me  thinking  about  redundancy  was 
the  recent  story  that  a  good  chunk  of  the 
Internet  connectivity  for  the  Middle  East  and 
South  Asia  died  due  to  breaks  in  undersea 
cables.  In  this  case  there  were  two  cables  from 
different  companies  that  were  running  under 
the  Mediterranean  Sea  near  each  other. 
Something  cut  both  cables,  maybe  a  ship’s 
anchor  dragging  in  rough  seas.This  was  a  case 
of  theoretical  but  not  quite  real  cable  redun¬ 
dancy  As  I  write  this,  some  connectivity  is 
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returning  as  ISPs  switch  to  satellite  paths.  But, 
because  95%  of  all  transoceanic  and  similar 
connectivity  is  through  fiber  cables  it  can  be  a 
big  hit  when  a  cable  gets  cut  and  worse  when 
more  than  one  is  involved. 

This  is  not  the  first  time  recently  that  some¬ 
thing  like  this  has  hit  Internet  connectivity  via 
undersea  cables.  A  bit  more  than  a  year  ago 
an  underwater  earthquake  broke  nine  subma¬ 
rine  cables,  disrupting  Internet  service  all  over 
the  Far  East. 

Clearly  the  Internet  is  important  enough  to 
international  communications  that  more 
thought  will  have  to  be  paid  in  the  future  to 
achieving  real  divergent-path  redundancy  For 
example,  linking  the  two  cables  to  others  to 
create  rings  around  the  globe  —  a  break  might 
make  the  traffic  take  the  long  way  around,  but 
the  setup  would  keep  things  going. 

In  the  old  days,  phone  regulators  would  just 
say  “do  it.”  It  would  be  done  and  the  prices 
raised  to  pay  for  it.  That  is  no  longer  the  way 
things  work,  much  for  the  better  in  almost  all 
cases,  but  maybe  not  in  this  one. 

Disclaimer:  Harvard  does  not  grok  “just  do  it” 
and  instead  assumes  “proper  discussion”  is 
required  for  everything.  In  any  case,  the  above 
discussion  about  redundancy  represents  my 
own  opinion. 

Bradner  is  Harvard  University’s  technology 
security  officer.  He  can  be  reached  at 
sob@sobco. 
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What  those  oceanic  cable  cuts  mean  to  you 


Forget  the  Super  Bowl.  Ignore  the  presiden¬ 
tial  primaries.  For  network  geeks,  the  really 
big  news  recently  was  the  cable  outages  in 
the  Mediterranean,  which  disrupted  Internet 
connections  to  Europe  and  the  Middle  East.The 
outages  have  raised  a  host  of  questions  about 
the  vulnerability  of  the  Internet  and  the  plans 
enterprises  should  have  in  place  to  protect 
themselves  from  the  consequences.  Here  are 
some  frequently  asked  questions  —  and  the 
answers. 

Is  it  likely  the  cable  cuts  were  intentional? 
And  more  importantly,  are  we  at  the  dawn  of  a  new  era  of  “cable 
terrorism,"  in  which  malcontents  try  to  disrupt  global  communi¬ 
cations  via  cable  cuts? 

Nope.  Cutting  cables  is  a  lot  more  difficult  than  it  looks.  For  one  thing, 
you  have  to  first  locate  the  cables  —  no  small  feat  when  they’re  some¬ 
where  in  the  middle  of  an  ocean,  under  miles  of  water.  Even  with  the  lat- 
est-and-greatest  technology,  this  is  no  easy  task.  According  to  the  delight¬ 
ful  book  Blind  Man 's  Bluff  the  United  States  spent  a  fair  amount  of  time 
in  the  1960s  and  1970s  attempting  to  locate  and  tap  Soviet  cables. 
Although  there  reportedly  were  noteworthy  successes,  they  required 
decades  of  focused  effort  and  investment  in  a  fleet  of  nuclear  sub- 
marines.Terrorists  have  easier  ways  to  make  trouble. 

Should  enterprises  protect  themselves  against  cable  cuts  by 
multihoming? 

Again,  no.  Multihoming  —  connecting  to  more  than  one  ISP  — 
achieves  Layer  3  diversity  but  ignores  the  fact  that  when  it  comes  to 


transoceanic  links,  traffic  from  different  ISPs  typically  is  consolidated 
onto  a  single  set  of  pipes.  In  other  words,  just  because  you’re  connect¬ 
ing  to  both  Sprint  and  Verizon,  for  example,  doesn’t  necessarily  mean 
your  traffic  is  traversing  the  Atlantic  on  different  optical  cables. 

What’s  the  best  way  to  ensure  redundant  connectivity? 

Ask  your  carriers  for  cable  routes.  Keep  a  current  map  of  planned  and 
deployed  transoceanic  cables  on  your  wall,  and  get  confirmation  from 
your  providers  regarding  which  of  those  cables  they’re  using.  (Here’s  a 
really  good  trick:  Get  a  laminated  map  and  mark  it  up  with  erasable 
markers  to  show  which  cables  your  providers  are  relying  on.)  For  mis¬ 
sion-critical  sites  —  such  as  data  centers  and  call  centers  —  make  sure 
you’ve  got  minimally  two-  or  three-way  redundancy  Satellite  services 
may  be  an  option  for  remote  sites  —  but  latency  can  hammer  real-time 
applications  (such  as  voice,  video  and  interactive  applications). 

Are  there  any  other  impacts  and  issues? 

Yes. When  outsourcing, you  need  to  recognize  that  not  all  geographies 
are  created  equal.  If  you’re  debating  whether  to  place  your  data  center 
or  contact  center  in,  for  example,  Dubai  or  Singapore,  make  sure  you 
check  on  the  cabling  redundancy.  And  keep  in  mind  you’re  not  think¬ 
ing  just  about  vulnerability  to  accidental  cuts  —  you’ll  want  to  ask  your¬ 
self  how  vulnerable  the  networks  are  to  natural  disasters  (tsunamis,  hur¬ 
ricanes  and  earthquakes)  as  well  as  political  instability  Power  availabil¬ 
ity  is  another  key  factor. 

The  bottom  line?  Although  we’re  increasingly  accustomed  to  living 
virtually  don’t  forget:  The  physical  world  still  matters. 

Johna  Till  Johnson  is  president  and  senior  founding  partner  at 
Nemertes  Research.  She  can  be  reached  at  johna@nemertes.corn. 
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Tech  valentines 


An  errant  Valentine  Mail  Server  inadvertent¬ 
ly  forwarded  me  a  bunch  of  Valentines  for 
other  people.  Given  your  quirky  nature,  I 
thought  I  would  share. 

To:  Larry  Ellison,  Oracle  CEO 
From:  Larry  Ellison 
“Roses  are  red, 
violets  are  blue, 

There  is  no  one  1  love, 
as  much  as  you” 

To:  Kevin  Martin  FCC  chairman 
Fr:  Brian  Roberts,  Comcast  CEO 
“Want  us  to  go 
to  ‘smorgasbord’cable? 

Your  home  connection 
we  just  disabled” 

To:  Gary  Forsee,  ex-CEO,  Sprint 
From:  Sprint  customers 
“Sprint  and  Nextel, 

Nextel  and  Sprint, 

Our  service  is  so  awful, 
our  remarks  please  don’t  print” 

To:  Nicholas  Negroponte.One  Laptop  Per 

Child  chairman 

Fr:  Paul  Otellini,  Intel  CEO 

“Roses  are  red, 

violets  are  blue, 

You  hate  me, 

I  hate  you” 

To:  Steve  Jobs,  Apple  CEO 
From:  God 
“Your  Iphone  I  love 
your  IMac’s  the  way 
But  even  I  rested, 
the  Seventh  Day” 

To:  130,000  downsized  employees 
Fr:  Sam  Palmisano,  IBM  CEO 
“Your  job’s  OK, 
your  job’s  secure, 

Just  be  ready  to  move, 
to  Bangalore” 

To:  Carly  Fiorina,  ex-HP  CEO 
Fr:  Mark  Hurd,  current  HP  CEO 
“Some  are  called, 
some  are  chosen, 

You  showed  me  the  way, 
your  pension’s  frozen” 

To:  John  Chambers,  Cisco  CEO 
Fr:The  Cisco  Users  Group 
“Your  technology  is  great, 


from  hell 

it’s  really  a  buy, 

Your  service  is  so  high, 

I  could  just  cry 

To:  Joe  Tucci,  EMC  CEO 
Fr:  Steve  Ballmer,  Microsoft  CEO 
“You’re  ticking  me  off 
I’m  calling  a  cop, 

This  virtualization  stuff 
has  got  to  stop” 

To:  Steve  Ballmer 
Fr:  Jerry  Yang 
“$31  is  an  Insult! 
but  $35  would  be  nice 
I’ll  forgive  the  insult, 
just  meet  my  price” 

To:  Jerry  Yang 
Fr:  Steve  Balmer 
“A  62%  premium! 
our  bid  has  not  changed, 

If  Google  goes  higher, 
they  must  be  deranged” 

To:  Sergey  Brin  (Google  co-founder) 
Fr:  Larry  Page  (Google  co-founder) 
“Everyone  thinks  we’re 
joined  at  the  Hip, 

Stop  hogging  the  G-5 
or  get  a  Fat  Lip” 


To:  Paul  Jacobs,  CEO,  Qualcomm 
Fr:  Broadcom 
“Roses  are  red, 
violets  are  blue, 

Thank  God  you  are  around, 
we  need  someone  to  sue” 

To:  Jeff  Bezos,  CEO,  Amazon. com 
Fr:  Kindle  Users  Everywhere 
“Kindle’s  OK, 
it’s  not  an  w-reader, 

A  portable  Web  browser, 
would  be  a  crowd  pleaser” 

To:  Bill  Gates,  Microsoft  chairman 
Fr:  the  Pope 
“The  Nobel’s  a  lock, 
they  gave  one  to  Gore, 

Hold  out  for  sainthood, 
then  ask  for  more” 

To:  Ray  Ozzie,  Microsoft  CTO 
Fr:  Microsoft  users 
“You  got  the  cat  seat, 
you’re  making  big  bread, 

Good  luck  to  you, 
the  desktop’s  so  dead” 

Anderson  is  the  William  Porter  Distinguished 
Lecturer  at  MIT.  He  is  the  founder  of  The  Yankee 
Group  and  the  co-founder  of  Battery  Venture 
Capital. 


Dell/EMC  partnership  will  be 
tested  by  EqualLogic  deal 


BY  JON  BRODKIN 

Dell  and  EMC  are  good  friends  when  it 
comes  to  selling  joint  storage  products,  but 
Dell’s  acquisition  of  IP  storage-area-network 
vendor  EqualLogic  could  create  some  tension 
in  that  relationship. 

Dell  recently  completed  the  EqualLogic 
acquisition  and  last  week  announced  the  first 
products  resulting  from  that  buy  during  an 
event  for  journalists  and  analysts  at  Equal- 
Logic’s  headquarters  in  Nashua,  N.H. 

The  Dell  EqualLogic  PS5000  Series  storage- 
area-network  arrays  boast  built-in  virtualiza¬ 
tion,  plus  management  capabilities  including 
remote  replication  and  thin  provisioning;  and 
the  ability  to  create  multiple  tiers  of  storage  in 
a  single  SAN  while  optimizing  each  tier  for  the 
application  it  serves. 

Brad  Anderson,  Dell  senior  vice  president  of 
commercial  products,  contends  that  the 
EqualLogic  products  are  “complementary”  to 
those  offered  jointly  by  Dell  and  EMC,  but 
pointedly  said  Dell  won’t  use  any  EqualLogic 
technology  to  enhance  Dell’s  EMC  product 
line. 

While  the  Dell/EMC  partnership  remains 
lucrative  for  both  companies,  Dell  can  be 
expected  to  put  more  emphasis  on  Equal- 


Logic’s  product  line,  Forrester  analyst  Andrew 
Reichman  says. 

“In  the  long  term,  there  is  the  potential  for 
some  conflict  and  some  overlap,  and  maybe 
rationalizing  the  product  line  down  into  fewer 
models,”  Reichman  said,  following  a  panel  dis¬ 
cussion  he  lead  at  the  Dell-hosted  event.  “You 
have  to  figure  the  emphasis  [for  Dell]  is  going 
to  be  on  what  it  owns.  I  think  Dell  will  have  to 
pick  a  direction.” 

“Our  intent  is  to  grow  our  3,700-customer 
network  into  tens  of  thousands  of  customers 
at  Dell,” said  John  Joseph,  the  vice  president  of 
marketing  at  EqualLogic  who  is  now  taking  on 
the  same  role  at  Dell. 

The  Dell/EMC  joint  product  line  is  com¬ 
posed  of  the  AX  series  and  CX  series. 

Anderson  stressed  the  differences  between 
the  EqualLogic  and  Dell/EMC  product  lines, 
saying  EqualLogic  is  ideal  for  midrange  cus¬ 
tomers,  particularly  those  looking  to  virtualize 
storage. 

The  Dell/EMC  products  provide  Fibre 
Channel  and  iSCSI, and  may  be  preferred  by 
customers  who  have  standardized  on  Fibre, 
want  Fibre  at  an  entry-level  price  point,  or 
simply  prefer  the  EMC  “family  values,”  he 
said.B 
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TECH  UPDATE 

ft  An  inside  look  at  technologies  and  standards 


Guidelines  for  setting  retention  policies 


BY  PAUL  D’ARCY 


As  if  IT  managers  aren’t  busy  enough,  new  regulations  and  changes  to 
the  Federal  Rules  of  Civil  Procedure  now  make  them  the  protectors 
of  electronically  stored  information. 


Legal  departments  are  turning  to  IT  leader¬ 
ship  to  manage  the  retention,  deletion,  and 
search  and  recovery  of  electronic  informa¬ 
tion.  For  IT  management  in  large  companies, 
this  means  tracking  billions  of  e-mail  mes¬ 
sages,  database  records  and  desktop  files  as 
they  move  across  tens  of  thousands  of  servers 
and  desktop  computers. 

In  many  organizations,  figuring  out  what  to 
keep  is  as  difficult  as  managing  the  data  itself. 
Here  are  10  guidelines  for  the  retention  and 
deletion  of  electronically  stored  information 
that  may  help. 

Start  by  looking  in  the  mirror.  When  it  comes 
to  the  retention  of  electronic  information, busi¬ 
nesses  have  a  tremendous  amount  of  latitude. 
While  the  new  Federal  Rules  of  Civil  Pro¬ 
cedure  make  it  advantageous  to  have  a  policy 
they  don’t  govern  how  long  data  needs  to  be 
held.  So,  if  you  are  worried  about  email  and 
other  information,  delete  it  quickly.  If  you  think 
it  is  valuable  to  your  business,  keep  it  for  as 
long  as  it  is  useful. 

Don’t  let  users  determine  what  you  keep.  If 

you  are  letting  users  decide  which  messages 
and  documents  are  kept,  you  don’t  have  a 
retention  policy.  Good  retention  policies 
automate  the  preservation  of  electronic 
information  and  mandate  the  destruction  of 
documents  in  accordance  with  policy. 

Remember  the  regulations.  There  are  thou¬ 
sands  of  city,  state  and  federal  rules  that 
require  retention  of  electronic  records  — 
Occupational  Safety  and  Health  Adminis¬ 
tration  regulations,  the  Sarbanes-Oxley  Act, 
and  the  Fair  Labor  Standards  Act  are  exam¬ 
ples.  While  a  60-day  e-mail  retention  policy 
may  be  the  right  strategy  for  litigation,  you’ll 
need  to  make  sure  your  policy  includes 
exceptions  where  regulations  require  longer 
retention  rules. 


Got  great  ideas? 

■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one,  and  want  to  contribute  it  to  a 
future  issue,  contact  Editor  in  Chief 

John  Dix  Gdix@nww.com) 


Understand  the  cost  of  litigation.  According 
to  the  international  law  firm  Fulbright  and 
Jaworski,  the  average  billion-dollar  U.S.  com¬ 
pany  is  facing  more  than  500  discrete  lawsuits. 
The  electronic  discovery  for  a  single  lawsuit 
can  cost  hundreds  of  thousands  or  even  mil¬ 
lions  of  dollars.  If  mistakes  are  made,  litigation 
can  be  lost  on  process  grounds,  regardless  of 
the  merits  of  the  case. 


Is  your  organization 
prepared  for  a  lawsuit? 

Electronically  stored  information  that  is 
“reasonably  accessible”  is  discoverable 
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Take  advantage  of  safe-harbor  provisions. 

New  court  rules  allow  organizations  with  stan¬ 
dard  retention  policies  to  delete  information 
unrelated  to  the  case  with  impunity  If  you 
don’t  have  a  formal  retention  policy,  the  dele¬ 
tion  of  information  may  be  held  against  your 
organization  in  court. 

Prepare  now  for  electronic  discovery.  When 
litigation  starts, electronic  discovery  soon  fol¬ 
lows.  Companies  often  have  only  a  few 
weeks  to  scour  billions  of  messages  and  files 
for  relevant  data.  If  you  are  not  prepared  for 
e-discovery  the  costs  of  manual  search  and 
recovery  can  be  staggering. 

Start  where  the  lawyers  start  —  e-mail. 

While  all  types  of  electronic  records  are  sub¬ 
ject  to  retention  and  discovery  —  database 
records,  files  on  servers  and  personal  com¬ 
puters,  electronic  communications,  CAD  files 
—  not  all  are  equal  targets  when  litigation 
begins.  When  it  comes  to  managing  electron¬ 
ic  information,  companies  should  be  smart 


and  start  where  the  lawyers  start:  with  e-mail. 
As  one  lawyer  said, “e-mail  is  where  the  juicy 
stuff  is.”  Only  e-mail  includes  important  docu¬ 
ments  sent  as  attachments  with  unguarded 
narrative  context  provided  by  employees. 
Lawyers  know  how  to  find  the  good  e-mail 
messages  for  a  case,  so  it’s  usually  where  they 
look  first. 

You  need  one  retention  policy  today. 

Even  before  litigation  happens,  courts 
require  companies  to  protect  potential  evi¬ 
dence  from  unlawful  destruction  or  spolia¬ 
tion. “Litigation  holds”  are  the  one  retention 
policy  that  no  company  can  afford  to 
ignore.  Because  evidence  can  be  in  the  past 
or  future,  organizations  need  to  put  process¬ 
es  and  technology  in  place  to  protect  e-mail 
and  other  records  from  destruction  during 
litigation. 

Invest  in  process  and  technology.  Effective 
retention-policy  management  requires  both 
new  processes  and  new  technology. To  imple¬ 
ment  a  retention  policy  you  can  defend,  you 
will  need  to  put  clear,  written  standards  in 
place  and  plan  on  extensive  ongoing  user 
training. You  will  need  to  implement  process¬ 
es  that  look  for  violations  and  immediately 
correct  problems.  For  electronic  communica¬ 
tions  such  as  e-mail,  process  is  not  enough. 
With  millions  or  billions  of  messages  to  man¬ 
age,  most  companies  require  a  third-party 
archiving  service  or  software  to  manage  the 
collection,  retention  and  deletion  of  individ¬ 
ual  messages. 

Electronic  information  is  hard  to  destroy. 

Everyone  knows  that  electronic  information 
can  be  duplicated  endlessly  throughout  the 
enterprise  with  a  simple  click  of  the  button.  E- 
mail  messages,  for  example,  often  sit  in  multi¬ 
ple  systems  and  on  backup  tapes  that  must  be 
managed  simultaneously  to  ensure  compli¬ 
ance  with  complex  retention  policies.  If  you 
delete  messages  from  one  system  and  leave 
them  on  another,  they  are  still  subject  to  elec¬ 
tronic  discovery. 

By  following  these  10  guidelines  it  is  possi¬ 
ble  to  create  a  retention  policy  that  meets 
business  needs  and  government  require¬ 
ments  and  significantly  reduces  litigation 
risk.  Creating  a  policy  won’t  be  fun,  but  this 
task  is  part  of  the  reality  of  IT  managers’  new 
role  as  the  protector  of  electronically  stored 
information. 

D'Arcy  is  vice  president  of  marketing  at 
MessageOne.  He  can  be  reached  at  Paul_dar 
cy@messageone.  com. 
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understand  and  resolve  my 
network  concerns  and  to  select 
solution  providers.” 

DALE  DONCHIN 
CAD  DIRECTOR. 

ANALOG  DEVICES  INC. 


Ip' 


www.networkworld.com/itr2008  or  call  1-800-643-4668 


Wrangling  XML  data  to  CSV 


In  the  last  three  weeks  I’ve  discussed  my 
search  —  nay  quest  —  for  a  Web  shopping 
cart  that  integrates  with  Quickbooks  and  my 
struggle  —  nay,  Herculean  battle  —  with 
Network  Solutions’  Pro  E-Commerce  shopping 
cart  service. 

As  a  result  of  my  criticisms  I  was  contacted  by 
a  senior  engineer  who  couldn’t  really  help. Then, 
after  I  wrote  last  week’s  Gearhead,  I  was  contacted  by  two  Network 
Solutions  big-wigs:  Shashi  Bellamkonda,  senior  product  manager,  and 
Jeff  Zimmerman,  vice  president,  E-commerce  Products. 

We  had  a  good  discussion,  or  perhaps  more  accurately,  1  had  a  good 
rant.  One  thing  that  became  clear  is  that  Network  Solutions’  lack  of  doc¬ 
umentation  is  perhaps  its  biggest  problem,  with  the  various  deficiencies 
and  bugs  I’ve  discussed  coming  in  a  very  close  second. 

That  said,  among  the  solutions  recommended  by  my  hosting  compa¬ 
ny  Intuit,  Network  Solutions  is  still,  as  far  as  1  can  determine,  the  best 
option.  Although  that’s  a  little  like  saying  an  SUV  with  three  wheels  is  bet¬ 
ter  than  one  with  two  wheels,  but  still .... 

It  turns  out  there  is  another  approach  to  a  major  problem  I  had  with 
the  Network  Solutions  services:  how  to  get  order  data  into  the  specific 
comma  separated  variable  (CSV)  format  a  fulfillment  company  can  use. 

Until  my  discussion  with  the  Network  Solutions  gentlemen,  the  only 
export  format  that  appeared  to  be  available  for  conversion  was  the  e-mail 
message  that  is  sent  to  the  administrator  when  an  order  is  accepted. 

As  1  discussed  last  week,  the  HTML  formatting  of  these  order  messages 
provides  some  structure  for  data  but  not  enough  to  make  the  translation 
easy  or  to  ensure  that  it  would  be  error  free.The  alternative  was  the  CSV 
export  feature  that  Network  Solutions  provides,  but  this  is  just  a  weird, 


somewhat  useless  summary  of  orders. 

There  is  also  XML  as  an  alternative  export  format  for  orders,  but  I  had¬ 
n’t  tried  it  because  1  assumed  it  would  provide  the  same  data  as  the  CSV 
export.  But  the  XML  version  actually  contains  all  of  the  order  detail!  The 
gentlemen  from  Network  Solutions  admitted  that  this  is,  in  fact,  not  doc¬ 
umented,  but  stopped  short  of  admitting  it  was  irrational  that  there  was  a 
difference  between  the  content  of  the  two  formats. 

So,  now  that  I  have  a  chunk  of  XML,  how  am  I  going  to  translate  it  into 
the  CSV  format  required  by  the  fulfillment  house? 

Back  when  I  thought  I’d  have  to  wrangle  the  content  out  of  e-mailed 
orders,  I  did  some  research  and  found  an  interesting  tool  called  Message 
Parse  that  looked  promising.  Message  Parse  ($80)  is  designed  to  extract 
data  from  messages  and  export  that  data  to  useful  formats.  You  define 
what  delimits  each  of  the  fields  you’re  interested  in  and  Message  Parse 
parses  the  message  content  looking  sequentially  for  your  fields  and 
assembles  the  results  to  create  the  output. 

Great! . . .  except  Message  Parse  only  works  on  messages  it  retrieves  from 
POP3  mailboxes,  while  I  have  a  downloaded  XML  file  to  work  with. 

I  suppose  1  could  copy  the  XML  content  into  an  e-mail  message,  send 
that  to  an  account  to  be  used  by  Message  Parse  and  have  it  extract  the 
data,  but  that  would  be  sort  of  ridiculous. 

I’ve  looked  at  all  sorts  of  XML  tools  but  I’ve  yet  to  find  one  that  can  do 
this  job  without  involving  serious  technical  overkill.  Suggestions? 

So,  what  was  it  that  I  had  planned  to  discuss  this  week?  Oh  yes,  what  e- 
commerce  solution  readers  have  recommended.We’ll  have  to  leave  that 
for  next  week. 

Gibbs  wrangles  technology  in  Ventura,  Calif.  Join  the  roundup  at  gear- 
head@gibbs.com. 


|  Sprout  and  blist  impress  with  betas 

Li 


COOLT 


ast  week  I  highlighted  some  of  the  new 
products  and  services  from  DEMO  08  that 
ilet  regular  people  do  things  that  previously 
required  professional  assistance.  This  week  I’m 
highlighting  the  beta  offerings  of  two  services. 

Sprout’s  Sprout  Builder  Web  service  and  appli¬ 
cation  lets  anyone  —  even  those  without  a  lick 
of  Flash  programming  knowledge  —  create  rich- 
media  widgets  (Web-enabled  applications)  and 
other  Flash  content.  Using  templates  and  a  very  intuitive  drag-and-drop 
interface,  an  inexperienced  designer  can  create  a  widget  quickly  that 
can  be  added  to  an  existing  Web  site  or  blog,  or  distributed  to  different 
social-networking  sites  (including  Facebook  and  MySpace)  and  gadget- 
distribution  sites  (including  iGoogle). 

In  about  an  hour,  I  was  able  to  create  a  Flash 
widget  that  highlighted  the  latest  episodes  of  the 
Network  World  podcasts,  including  each  show’s 
description  (using  an  RSS  feed  template),  an 
embedded  audio  player  and  the  show’s  logo.  1  was 
able  to  program  buttons  on  the  player  that  would 
advance  to  the  next  “slide”  in  the  widget,  which  is 
the  next  podcast  show  1  want  to  highlight. 

Because  the  site  is  still  in  beta,  there  are  a  few 
rough  edges,  and  some  features  are  missing  that 
I’d  like  to  see.  For  example,  it  would  be  great  if  the 
audio  player  template  let  you  put  in  an  audio 
XML  stream  instead  of  a  specific  MP3  file  or  URL. 

Hopefully  my  feedback  to  the  site  will  mean 
improved  features  as  the  site  continues. 

Blist  has  even  more  ambitious  plans  with  its  ser- 
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base  experts.  Its  online  databasebuilding  tool  is  intended  to  help  users 
create  the  “world’s  easiest  database,”  using  visual  and  intuitive  user  inter¬ 
faces  that  allow  them  to  manipulate  their  data  more  easily  The  compa¬ 
ny’s  goal  is  to  make  relational-database  creation  and  management  as 
easy  as  using  a  spreadsheet. 

Because  blist  is  a  Web  tool,  it  offers  features  not  normally  found  in  data¬ 
base  programs,  including  adding  embedded  photos  to  a  field;  telephone 
numbers  with  icons  to  a  phone-number  field  (for  cell  phone,  work 
phone  and  so  forth);  and  a  “star  rating”  field  that  lets  people  rate  their 
data  (great  for  creating  a  movie  database,  for  example). 

Like  Sprout  Builder’s  beta,  the  blist  beta  is  missing  some  features, 
including  the  ability  to  import  data  from  Excel  spreadsheets  or  Access 
databases  —  absolutely  critical  in  my  opinion. 

By  no  stretch  of  the  imagination  do  these  new  tools  mean  the  end  of 
Flash  programming  wizards,  database  gurus  or 
graphic  designers.  I  believe  these  tools  will 
enhance  and  complement  those  professionals’ 
efforts.  Using  Sprout,  regular  users  can  build  a 
widget  and  show  their  concept  to  a  Rash  devel¬ 
oper,  who  can  look  at  it  and  make  improvements, 
then  integrate  it  into  existing  systems.  Instead  of 
sitting  in  meetings  where  the  business  side  tries 
to  explain  what  they  want,  developers  can  hand 
over  the  widget  and  say, “make  this  better,”  In  addi¬ 
tion,  these  widgets  might  be  good  enough  that 
Flash  developers  and  graphic  designers  don’t 
need  to  get  involved,  reducing  their  workload 
and  giving  them  time  to  work  on  more  advanced 
projects. 


vice,  which  aims  to  turn  regular  people  into  data- 


Blist  aims  to  make  database  cre¬ 
ation  simple. 


Shaw  can  be  reached  at  kshaw@nww.com. 
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CLEAR  CHOICE  TEST  VIRTUAL  MACHINE  MANAGEMENT 

Part  III:  Taming  the  virtual  beast 

Tools  from  Onaro,  nworks,  PlateSpin,  Virtugo  tackle  different  pieces  of  the 
VM  management  puzzle,  but  there’s  no  silver  bullet 


BY  TOM  HENDERSON  AND  RAND  DVORAK,  NETWORK  WORLD 
LAB  ALLIANCE 

In  our  latest  set  of  test  of  virtual-machine  management  tools,  we 
examined  VM-host-centric  management,  planning  and  accounting 
applications  from  PlateSpin  andVirtugo  Software,  a  VMware  plug-in 
for  the  Microsoft  Operations  Manager  application  from  nworks,  and 
a  storage-area-network  management  tool  from  Onaro  (which  Network 
Appliance  has  just  acquired)  that  offers  specialized  insights  into  the  vir¬ 
tualized  world. 

We  also  tested  the  management  wares  that  come  as  part  of  Parallels 
(formerly  SWSoft)  Virtuozzo  virtual  application  platform  (see  page  45), 
and  we  assessed  the  usefulness  of  Reflex  Technologies’  VM  intrusion- 
protection  system  (see  page  44). 

In  previous  tests,  we  analyzed  the  management  capabilities  offered  by 
the  major  VM  vendors  (www.nwdocfinder.com/3621)  and  reviewed 
third-party  management  tools  that  have  specialized  conversion  capa¬ 
bilities  and  VM  instance-building  (www.nwdocfinder.com/3622).  The 
tool  tested  to  date  that  offers  the  broadest  range  of  management  fea¬ 
tures  is  the  open  source  Hyperic  HQ  tool  set  (www.nwdocfinder 
.com/3623). 

We’ve  identified  six  key  areas  that  need  to  be  addressed  to  make  VM 
management  workable  in  a  large  deployment  (See  the  sidebar  “What 
needs  to  be  managed”  at  www.nwdocfinder/3624  for  full  descriptions.) 
•  How  are  VM  snapshots  and  versions  tracked? 

•  How  are  moves,  adds  and  changes  of  VM  hosts,  their  guests  and 
applications  used  on  them  administered? 


•  How  are  VM  and  application  availability  monitored? 

•  How  are  user  and  administrative  roles  managed  across  VMs? 

•  What  forensics  mechanisms  are  available  to  help  determine  why  a 
VM  was  altered? 

All  the  products  tested  meet  our  ideals  in  some  ways,  but  none  nails 
them  all.  PlateSpin’s  PowerRecon  and  Virtugo’s  virtualSuite  provide 
availability  monitoring,  moves-adds-changes  tracking,  and  operational- 
history  tracking  for  forensics,  as  does  nworks  for  VMware.  Onaro 
SANscreen  has  very  appealing  SAN  monitoring  and  planning  capabili¬ 
ties  that  add  much-needed  SAN  management,  monitoring,  and  control 
forVMware’sVirtualCenter  and  SAN-connected  VM  guests  residing  on  a 
VMware  hardware  host. 

All  these  products  have  limitations,  however,  in  terms  of  the  platforms 
they  support,  the  actions  they  can  take  without  adding  optional  soft¬ 
ware,  the  level  of  imageauditing  and  forensics  they  provide,  or  the  hier¬ 
archy  of  user  and  administrative  roles  they  support. 

What  we’ve  learned  from  testing  almost  20  products  is  that  there  is  no 
silver  bullet.  There  is  no  single  tool  that  will  meet  all  six  virtual-man¬ 
agement  ideals  we’ve  outlined.  And,  as  in  the  early  days  of  the  network- 
management  and  client-management  markets,  administrators  will  be 
forced  to  cobble  together  multiple  tools  to  get  the  job  done  until  the 
industry  has  a  shakedown  that  forces  necessary  mergers,  partnerships 
and  acquisitions. 

Henderson  and  Dvorak  are  researchers  with  ExtremeLabs  in 
Indianapolis.  They  can  be  reached  at  thenderson@extremelabs.com. 


PowerRecon  helps  plan  for  VM  growth 


PlateSpin’s  PbwerRecon  is  a  planning  and  monitoring  application  for 
organizations  with  many  servers  and  virtual  host  targets.  On  the  surface, 
PowerRecon  resembles  traditional  network  monitoring  and  manage¬ 
ment  applications  that  track  application  inventory  connectivity  and  net¬ 
work  use. 

We  like  it,  however,  for  what’s  underneath:  a  very  useful  server  moni¬ 
toring,  planning  and  management  tool  (especially  for  VM  hosts  and 
instances)  that  can  be  coupled  with  the  company’s  Optional 
PowerConvert  tool,  which  does  a  formidable  job  of  moving  server 
instances  from  physical  to  virtual  and  to  all  the  variations  the  virtual 
data  center  affords  today 


■i  NETRESULTS 

Product  PowerRecon 

Vendor  PlateSpin 

www.platespin.com 

Price  $799  as  tested 


Pros  Strong  discovery,  inventory  and  planning  uses; 
very  wide  product  compatibility. 

Cons  Some  limitations  in  trend-calculation  settings; 

some  launched  apps  can't  be  configured  easily. 


PowerRecon  also  has  chargeback  features  that  monitor  and  levy  costs 
based  on  system  uptime,  CPU  utilization,  processor  speed,  memory 
used,  network  bandwidth  used,  and  disk  storage  (space,  speed  and 
number  of  writes  per  second).  By  contrast,  Virtugo’s  virtualSuite  (see 
page  40)  uses  a  patented,  contrived  metric  for  chargeback  accounting. 

We  also  were  impressed  with  PowerRecon’s  ability  to  work  with  a 
huge  number  ofVM  operating  systems,  including  Windows  NT  4  and  XP 
through  current  Windows  Server  products  (support  for  XP  and 
Windows  2003  Enterprise  Server  were  tested  and  affirmed);  most  mod¬ 
ern  versions  of  Red  Hat  and  SUSE  Linux  (we  tested  Red  Hat  Enterprise 
5)  and  Sun’s  Solaris  7  (Sparc)  and  Solaris  versions  8  to  10  (Sparc,  Intel 
or  Advanced  Micro  Devices).  VM  hosts  can  be  running  VMware  ESX 
(which  we  tested),  Citrix  Systems’ XenServer  Enterprise  Edition, Virtual 
Iron  software  or  Microsoft’s  Virtual  Server  2005. 

PowerRecon  and  associated  daemon  modules  run  as  a  Windows  ser¬ 
vice  application.  Once  installed,  PowerRecon  uses  a  Windows  Explorer¬ 
like  user  interface  called  Data  Center  Explorer  that  performs  network  dis¬ 
covery  and  maintains  an  inventory  of  hosts.  Credentials  are  supplied  by 
the  administrator  for  server  hosts  that  need  to  be  inventoried  internally  or 
monitored  further.  A  handy  list  of  credentials  is  provided,  but  placing  so 
many  crucial  passwords  in  a  single  place  made  us  nervous,  even  though 
they  are  protected  by  files  and  database  access  permissions. 

The  results  of  the  inventory  process  were  shown  in  a  tabbed  user 
interface  containing  descriptions  of  host-  orVM-instance  characteristics 
—  such  as  processors,  general  information,  disk  drive  information,  net¬ 
work  adapters,  applications,  operating  system  services  and  daemons, 
and  any  other  user-defined  fields.  Power  dissipation  also  is  tracked. 

See  PlateSpin,  page  41 
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Virtugo  virtualSuite  zeros  in  on  VM 
performance  optimization 
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Virtugo  Software’s  virtualSuite  offers  inte¬ 
grated  performance  monitoring  and  VM  opti¬ 
mization  tools.  Its  cost  depends  on  the  tools 
you  drop  into  your  box. 

Our  testing  toolbox  included  Virtugo  mod¬ 
ules  called  Meter,  Perform,  Optimize  and 
Capacity  Meter  sets  up  chargeback  capabili¬ 
ties  based  on  a  Virtugo-patented  algorithm 
(called  vCapacity)  that  combines  consum¬ 
able  characteristics  ofVM  instances  including 
the  CPU,  memory  disk  and  network  I/O 
resources  used. 

The  Perform  module  tracks  those  same  host 
or  guest-VM  use  characteristics  and  more.The 
Optimize  module  lets  an  administrator  shape 
performance  among  different  guest-VM 
instances. The  Capacity  module  (formerly  the 
History  module)  tracks  and  stores  perfor¬ 
mance  data  for  VM  hosts  and  guest-VM 
instances. 

An  additional  module  offered  by  Virtugo, but 
not  tested,  is  the  Connect  module,  which  sup¬ 
plies  a  communications  linking  mechanism 
to  Microsoft  Operations  Manager  and  other 
third-party  monitoring  applications. 

VirtualSuite’s  best  feature  was  its  resource 
optimization  ofVM-guest  instances.lt  monitors 
and  analyzes  VM-host  resources,  then  set  and 

resets  VM-host  allocations  to  suit  the  activities  and  resource  use  of  VM- 
instance  operating  systems  amd  applications  on  a  VM-host  platform. 

For  example,  we  used  a  homegrown  application  that  would  dominate 
CPU  resources  for  a  specific  VM-hosted  instance.  We  launched  the  appli¬ 
cation,  then  watched  virtualSuite  display  the  problem:  The  resources 
we’d  allocated  for  the  application  were  insufficient  (in  CPU  and  memo¬ 
ry  movements). 

The  second  time  we  ran  the  application,  virtualSuite  was  allowed  to 
make  adjustments  for  the  application  on  one  VM,  essentially  robbing 
CPU  allocation  from  two  other  hosted  VM-guest  instances  and  reallocat¬ 
ing  it  to  the  one  that  had  pegged  CPU.  VirtualSuite  has  a  long  list  of 
resources  that  can  be  monitored  and  reset  in  this  fashion. 

There  are  several  components  installed  (we  deployed  them  in  a  mixed 
environment  of  Windows  XP  SP2+  and  Windows  2003  Enterprise  Server 
SP1  Edition  platforms):  Controller,  which  is  a  server  process  that  com¬ 
municates  with  agents  and  contains  the  core  logic  of  the  suite;  Viewer 
(the  administrative  GUI  application);  Database  (Microsoft  SQLServer); 
and  Sensor  agents  for  virtual-host  products  and  guest-VM  operating-sys- 
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Product  virtualSuite 

Vendor  Virtugo  Software 
www.virtugo.com 

Price  $199  to  $799  per  tool 

Pros  Nice  VM  optimizing  feature;  fairly  simple  setup, 

Cons  Needs  polish  and  protection;  confined  to 
VMware  ESX. 

mmrnmmmmsmmmmmmmmsmmmMmmmmmmmmmsm 


Virtugo’s  virtualSuite,  like  PlateSpin’s  PowerRecon,  charges  back  VM  costs,  so 
asset  allocation  can  be  partitioned  by  department  or  organization  through  its 
metering  software  component. 


tern  instances.  The  agents  support  VMware  ESX  2.5  and  3.5  virtual 
machines  running  on  Windows  and  Linux  servers. 

Controller  keeps  its  password,  as  well  as  VMware  ESX  Virtual  Center 
passwords,  in  clear  text  in  a  program  files  folder  on  the  host  it  runs  on, 
so  the  machine  needs  to  be  well  protected  from  file-access  insecurities. 
Virtugo  says  it  will  remove  this  somewhat  scary  file  from  plain  view  in 
the  next  product  release. VirtualSuite  installs  a  VMware  ESX  host  sensor 
application  on  a  desired  ESX  hardware  host,  then  installs  guest  (VM- 
instance)  sensor  applications.The  sensors  send  information  about  CPU, 
disk  space  used,  vCapacity  bytes  sent  and  received  through  network 
interfaces,  committed  bytes  (disk-paging  file  allocation),  memory  pages 
used  per  second,  and  the  number  of  committed  bytes  in  use. 

VirtualSuite  finds  hosts  by  describing  them  by  IP  address, server  name, 
specific  host  name,  domain  name  or  range  of  IP  addresses.  After 
installing  an  agent  (four  minutes)  on  VMware  ESX  and  the  guest-VM 
instances  on  the  ESX  server,  we  enabled  monitoring  and  looked  at  the 
information. 

We  set  up  artificial  loads  on  four  Windows  Enterprise  Server  editions 
—  one  representing  a  high  load,  two  with  midsize  loads  and  one  other¬ 
wise  quiescent  VM  instance  on  our  ESX  test  server  —  and  let  virtualSuite 
optimize  their  loads.  Fast,  medium  and  slow  learning-modes  look  at 
resource  use  for  optimization  purposes  with  descending  levels  of  detail 
(fast  sampling  is  high  detail  and  slow  is  low  detail). 

It  doesn’t  take  long  for  virtualSuite  to  get  a  picture  of  the  loads  requir¬ 
ing  more  resources,  and  for  it  to  adjust  the  VMware  allocations  of  mem¬ 
ory  and  CPU  accordingly. 

VirtualSuite  gives  a  strong,  but  comparatively  incomplete,  picture  of 
VM-instance  operational  characteristics.  For  example,  missing  are  the 
disk  and  storage-area-network  characteristics  tracked  by  Onaro’s 
SANscreen  VMInsight  (see  page  42),  or  the  more  articulate  VM-instance 
health  monitoring  of  nworks  MP  (see  page  41).  Although  virtualSuite 
doesn’t  control  some  of  these  competitive  metrics,  it  can  optimize  per- 

See  Virtugo,  page  41 
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MACHINE  MANAGEMENT 


Virtugo 

continued  from  page  40 

formance  through  learning  the  significant  resources  that  sensors  do 
track. 

There  are  some  items  that  need  polishing.  Secure  Shell  access,  need¬ 
ed  to  get  to  VMware  and  Linux  VM  instances,  has  a  static  port  setting 
(the  normal  Port  22)  that  can’t  be  changed,  and  the  application  has  to 
have  root  access  with  root  passwords  on  the  hosts,  a  potential  security 
problem  for  some  organizations.The  virtualSuite  Viewer  client  applica¬ 
tion  can  have  only  one  instance  running  per  controller.  There  are  no 
methods  to  report  problems  to  administrators,  and  problems  aren’t 
thoroughly  tracked  through  a  help-desk-like  system.  Finally,  the  help 
files  weren’t  all  that  helpful. 

Overall,  we  liked  the  Optimize  features  of  Virtugo’s  virtualSuite.  It 
needs  some  polish,  and  we’d  be  more  inclined  to  love  it  if  it  had  more- 
extensive  monitoring  capabilities  coupled  to  a  help-desk  or  trouble- 
ticket  mechanism.  Nonetheless,  small  shops  will  like  its  controls,  and  it 
won’t  take  a  second  job’s  worth  of  time  to  learn  its  features  and  gain 


ONLINE:  Server  management  Buyer's  Guide 

See  product  descriptions  of  systems  and  software  that  man¬ 
age  changes  and  updates  to  multiple  servers  in  the  network. 

www.nwdocfinder.com/1095 


PlateSpin 

continued  from  page  39 

Each  host  can  be  assigned  to  a  group  or  site,  and  we  could  easily  start 
and  stop  monitoring;  force  an  inventory  to  be  taken;  or  launch  an  appli¬ 
cation,  such  as  a  terminal  services  or  remote  desktop  connection,  a 
Secure  Shell  or  VMware  Remote  Console  session,  or  another  manage¬ 
ment  application  such  as  Embotics’V-Commander.A  new  template  for 
tracking  purposes  also  could  be  launched;  this  let  us  track  the  opera¬ 
tional  fundamentals  of  the  VMware  ESX  host  we  used  for  testing,  or  a 
VM  instance  we  tracked.  We  could  set  the  thresholds  for  tracking  and 
viewing  graphical  data,  such  as  CPU  utilization,  memory  use,  disk 
space,  disk  I/O,  and  network  I/O  for  warning  purposes;  and  watch  the 
trendline  or  use-collected  data  to  graph  a  forecasted  trend. 

Once  fully  configured,  PowerRecon  can  inventory  or  begin  reporting 
monitoring  details  on  demand  or  on  schedule,  and  report  findings  via 
e-mail  (a  separate,  available  SMTP  server  is  required)  or  various 
importable  file  formats.  We  set  and  forgot  about  this  feature  until  reports 
started  showing  up  like  clockwork.  Reports  are  highly  configurable. 

Action  from  information 

PowerRecon  has  a  five-step  server  consolidation  routine  that  divides 
potential  mergers  into  server-  or  workload-protection  projects.  We 
selected  a  server  consolidation  project  based  on  existing  discovered 
inventory;  then  we  gave  PowerRecon  a  date  and  time  range  (varies  for 
an  hourly  or  user-specified  time  period  that  can  exclude  specific  work 
days  like  Saturdays  or  Sundays)  and  had  PowerRecon  forecast  or  pro¬ 
ject  a  load  with  an  optional  power  or  cooling  factor. Trend  data  flushes 
after  30  days,  which  can  be  a  limitation.  The  data  then  was  gathered, 
and  we  examined  it  to  determine  which  consolidation  or  protection 
candidates  existed  among  our  test  server  groups.  It  turned  out  that  we 
don’t  use  our  servers  enough,  and  most  of  them  were  candidates. 

Over  the  time  we  used  PowerRecon,  we  came  to  depend  on  it,  as  well 
as  on  Onaro’s  tools,  for  our  everyday  lab  and  production  activity 
sources.  PowerRecon  doesn’t  have  quite  the  user  interface  of 
SANscreen  orVMlnsight  (see  page  42),  but  is  very  useful  nonetheless. 
Coupled  with  PowerConvert,  PowerRecon  is  a  strong  combination 
that’s  useful  for  medium-to-large  installations.  ■ 


Nworks  provides 
Microsoft  mgmt 
link  to  VMware 


Management  Pack  for  VMware  for  Microsoft’s  System  Center 
Operations  Manager  2007  is  nworks’  long  name  for  a  tool  that  provides 
strong  VMware  monitoring  and  management  capabilities  that  ultimate¬ 
ly  are  driven  by  Microsoft’s  management  platform. 

As  the  name  implies,  it  requires  Microsoft’s  System  Center  Operations 
Manager  2007,  which  in  turn,  requires  a  Windows  2000  SP4+  host  (we 
used  Windows  2003  Standard  Server  Edition).  Although  it  can  be 
installed  spontaneously  we  discovered  that  a  bit  of  planning  pays  off,  as 
nworks  MP  requires  a  comparatively  sophisticated  installation  to  pay  of 
in  eventual  monitoring  and  management  rewards. 

It  takes  longer  to  install  the  Microsoft  System  Center  portion  than  the 
nworks  add-ons.  Nworks  MP  connects  as  an  add-on  to  System  Center,  or 
between  System  Center  and  VMware  VirtualCenter  or  VMware  ESX 
directly  An  nworks  Virtual  Infrastructure  Collector  (VIC)  connects  to  a 
VMware  ESX  Monitor  to  gather  topological  and  inventory  information. 
Collectors  (each  one  for  a  different  VMware  host)  are  set  up  and  con¬ 
figured  for  connectivity  to  System  Center. 

Once  everything  is  installed  (it  took  more  than  three  hours  to  install 
both  product  sets  with  requisite  updates),  a  wealth  of  information  can 
be  tracked  and  managed  —  hindered  only  occasionally  by  the  busy  if 
beautiful  System  Center  user  interface. The  devil  in  the  details  is  decid¬ 
ing  how  to  view  the  collected  information  —  in  long  lines  of  status  and 
alerts,  or  graphs  of  comparative  performance  data  —  and  aligning 
actions  to  be  taken  when  target  thresholds  are  exceeded.The  mundane 
details  of  sorting  event  logs  within  System  Center  is  simple  for  exami¬ 
nation,  and  setting  trigger  alerts  to  be  spawned  from  logs  or  events  is 
equally  simple. 

The  process  of  setting  details,  thresholds  and  filters  inside  System 
Center  is  a  bit  tedious,  although  the  tedium  is  assuaged  somewhat  by 
developing  administrator-defined  groups  of  objects  whose  characteris¬ 
tics  can  be  dealt  en  masse  in  a  single  action,  for  example,  aggregating, 
then  setting  bandwidth  thresholds  for  VM  Web  server  instances.  Once 
this  setup  process  was  finished,  a  console  with  two  monitors  allowed 
greater  amounts  of  information  to  be  displayed  handily  and  permitted 
the  busy  System  Center  display  to  have  a  more  comprehensive  repre¬ 
sentation  of  the  amount  of  information  nworks  MP  provided. 

A  server-state  view  of  System  Center  gives  the  best  rapid  visual  indica¬ 
tor  of  overall  systems  health.  As  a  tabular  view  of  important  information 

See  nworks,  page  42 
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Product  Nworks  for  VMware  ESX 

Vendor  nworks 

www.nworks.com/vmware 

Price  $975  per  VMware  ESX  (includes  support  and 
maintenance) 

Pros  Rich  monitoring  and  control  of  VMware 

resources;  good  performance  tracking;  stunning 
topological  views  of  VMs  on  the  network, 

Cons  High  options-and-configuration  shock;  very  busy 
user  interface. 
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Nworks  “adapts”  Microsoft’s  System  Center  server-management  application  to 
include  a  wide  variety  of  specialized  monitoring  and  control  features  for  VMware 
ESX  virtual  machines. 
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(including  overall  status,  CPU  threshold,  net¬ 
work  I/O,  and  other  default  or  definable 
data),  the  system  told  us  at  a  glance  whether 
all  was  well.  We  then  could  point  to  any 
VMware  host  and  generate  a  topological 
view  of  the  VM  instances  inside,  detailing 
their  health  characteristics. 

Nworks  MP  gets  information  from  the 
VMware  Virtual  Interface  API  and  through 
VMware’s  VirtualCenter.  We  could  find  little 
difference  in  the  speed  of  the  VM-guest 
instances  when  using  VirtualCenter  and 
Virtual  Interface,  except  when  VM-host  use 
was  at  a  peak. 

Stunning  network  and  VM  topological 
views  can  be  configured  easily  to  make 
layouts  that  can  be  viewed  and  under¬ 
stood.  We  created  numerous  custom  tem¬ 
plates  with  ease.  Performance  views  also 
are  made  easily  and  enhance  the  value  of 
having  twin  monitors  or  displays  to  show 
comparative  data  graphically  The  effect  is 
very  much  like  when  Macs  and  Windows 
began  to  be  used,  and  people  would  send 
memos  with  20  fonts  on  them.  Once  under 
control,  we  found  that  sparse  views  of  system-health  tabular  data 
were  the  ones  we  referenced  most. 

Coupled  to  Microsoft’s  System  Center,  nworks  MP  takes  a  long  time  to 
set  up  and  configure, but  pays  off  in  monitoring  control.  Deciding  thresh¬ 
olds  and  actions  takes  longer  and  requires  a  bit  of  practice.  It’s  not  a 
proactive  package;  it  doesn’t  project  thresholds,  as  PlateSpin 
PowerRecon  does,  and  it  has  little  knowledge  of  storage-area-network 
topologies,  as  Onaro  SANscreen  does  (see  above). 


What  we  didn’t  like  about  nworks  MP  mostly  had  to  do  with  System 
Center.  For  example,  it  doesn’t  disable  options  for  nonsensical  actions, 
such  as  shutting  down  something  that  can’t  be  shut  down.  Instead  MP 
attempts  the  action,  generating  an  inarticulate  error  report.  PlateSpin 
and  Onaro  studiously  avoid  this.  According  to  nworks,  MP  also  works 
with  HP’s  OpenView.  Overall,  however,  if  Microsoft  System  Center  is  a 
company’s  management  tool  of  choice,  nworks  MP  for  VMware  makes  a 
very  good  VM  monitor  and  manager.  ■ 


Onaro  gives  SAN-centric  view  of  VMs 


Onaro’s  SANscreen  VMInsight  software  monitors,  tracks  and  man¬ 
ages  VM-host  hardware  and  logical  hosted-VM  operating  system 
instances  connected  to  enterprise-sized  heterogeneous  storage-area- 
network  fabrics.  It  acts  as  the  conduit  for  performance  metrics  to 
flow  into  the  larger  Onaro  SANscreen  monitoring  and  management 
application.  Overall,  Onaro’s  comprehensive,  SAN-centric  view  ofVM 
infrastructure  is  highly  detailed  —  but  from  the  perspective  of  con¬ 
solidated  and  virtualized  storage.  Network  Applications  recently 
completed  its  acquisition  of  Onaro. 

VMInsight  is  a  strong  candidate  for  any  organization  planning  to 
increase  its  VMs  and  its  SAN  infrastructure,  because  it  orchestrates 
VMware  server  needs  with  storage-pool  availability  across  the  SAN. 

Our  tests  showed  that  Onaro’s  product  performs  a  highly  detailed 
analysis  of  SAN  fabrics,  providing  details  about  which  hardware  servers 
use  which  parts  of  a  SAN;  SAN  switches;  SAN  zones  and  logical-to-phys- 
ical  storage  tables;  and  a  great  topological  map. 

VMInsight  links  this  SAN  data  with  information  from  VMware’s 
VirtualCenter  with  detailed  results.  VM  servers  that  need  more  storage 
can  be  analyzed  rapidly  and  visually  from  a  performance  and  use  per¬ 
spective  with  the  help  of  VMInsight  s  well-designed,  Java-based  GUI.  It’s 
then  up  to  system  managers  to  use  SANscreen’s  planning  and  migration 
tools  to  make  changes  in  labeling,  destinations, zoning,  masking  and  so 
on,  to  accommodate  VM  servers’  processes. 

A  second  compelling  reason  for  SANscreen  VMInsight  is  that  it  can 
analyze  a  complex  SAN  fabric  and  provide  visual,  topological  maps 
that  show  the  fabric’s  paths  graphically  as  well  as  errors  or  oddities  in 
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these  paths  and  the  fabric’s  configuration.  SANscreen  tests  these  paths 
as  well,  then  characterizes  connectivity  problems  with  a  visual,  topo¬ 
logical  map  (with  drill-down  to  the  errors  or  problems  it  has  found). 

Installation  puts  VMInsight  on  a  Windows  XP  SP2+  host.  Onaro  installs 
MySQL  on  this  host,  and  a  process  then  links  it  to  VMware’s 
VirtualCenter.  Therein  lies  the  biggest  drawback  of  VMInsight:  It  works 
only  with  VMware  ESX  and  only  with  Fibre  Channel  SANs  through 
VMware’s  VirtualCenter,  and  ignores  other  VM  platforms  and  iSCSI  stor¬ 
age  connections.  Onaro  hints  of  additional  VM  hosts  and  iSCSI  interface 
connectivity  later  in  2008. 

SANscreen  discovers  everything  on  a  SAN,  except  the  filing  system 
used  on  a  target  storage  device  —  a  small  limitation.  It  tracks  which 
hosts  talk  through  which  switch  fabric  in  which  zones  to  which  storage 
devices.  Performance  data  —  such  as  traffic  rates  and  SNMP  data  pin¬ 
pointing  such  things  as  switch  errors,  unavailable  routes  and  zone  mis¬ 
matches  for  the  monitored  SAN  fabrics  —  is  kept  in  Onaro’s  database 
for  review  and  reports,  and  purged  at  regular  static  intervals. 

SANscreen’s  user  interface  reports  daily  violations  (SAN  misconfigu- 
ration  or  potential  problems)  and  tracks  daily  changes  as  reported  by 
VMware’s  VirtualCenter  or  VMInsight’s  view  of  SAN  changes.  For  exam¬ 
ple,  if  a  VM  of  Windows  2003  Server  is  disconnected  from  one  SAN  disk 
target  (and  associated  routing  through  SAN  switch  fabrics  and  zones) 
to  another  location,  it  shows  in  the  daily  changes  list.  If  this  change 
caused  a  problem,  such  as  duplicate  routing  through  a  SAN  switch,  this 
fact  is  shown  in  the  daily  violations  list. 

See  Onaro,  page  44 
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Change  without  changing  it  ail. 

While  the  world  is  telling  you  to  move  to  VoIP  in  rather 
disruptive  ways,  we'd  like  to  pause  and  propose  a  better  way. 
That's  because  it's  not  about  getting  new  hardware.  It's  about 
getting  new  software.  Now  you  can  keep  the  hardware— your 
PBX,  gateways,  even  phones — and  move  to  Vol  P  with  soft wa  re. 


Software  that  integrates  with  Active  Directoryf  Microsoft®  Office, 
Microsoft  Exchange  Server,  and  your  PBX.  Maximize  your  current 
PBX  investment  and  make  it  part  of  your  new  software-based 
VoIP  solution  from  Microsoft.  Big  change  is  just  a  software 
.  install  away.  Learn  more 
at  microsoft.com/voip 
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Gnaro 

continued  from  page  42 

Also  from  the  SANscreen  user  interface,  we  could  set  global  policies 
(enforcing  how  SAN,  Fibre  Channel  and  Zoning  path  violations  are 
determined)  or  activate  and  configure  VM-host  virtualization  rules,  set¬ 
ting  profiles  that  could  be  used  later.  We  also  could  track  SAN  vulnera¬ 
bilities  (usually  these  amount  to  such  things  as  incorrect  SAN  port-, 
zone-  or  volume-assignment  mistakes)  and  see  these  visually  in  a  topo¬ 
logical  graphical  view 

The  graphical  view  can  represent  SAN  paths,  switches,  zones,  stor¬ 
age  arrays,  hosts  and  recently  changed  devices,  as  well  as  generic 
(and  perhaps  unidentified)  devices.  We  tracked  our  VM  hosts  and 
VM  instances  using  SANscreen  Performance  Chart  and  Load 
Analyzer  to  capture  the  activity  of  the  individual  devices  and  device 
mappings  within  the  SAN. 

Onaro  makes  strong  use  of  its  GUI  and  gives  a  SAN-centric  view  of  an 
enterprise  VM  or  server-based  view  of  the  world.  Its  level  of  detail  is 
high,  as  is  its  ability  to  discern  problems  and  vulnerabilities.  Better  still, 
we  like  its  planning  and  change-modeling  capabilities.  Its  online  help 
guides  are  very  useful.  More  helpful  still  is  that  Onaro  installs  100%  of  its 


products  with  varying  degrees  of  training. 

We  were  knocked  over  by  SANscreen  VMInsight’s  features  and  useful¬ 
ness  for  VM-based  SAN  management.  If  Onaro  could  link  its  user  inter¬ 
face  to  other  software  administration,  management  and  monitoring 
packages,  the  combination  would  be  huge.B 

NETRESULTS  ■  m 

Product  SANscreen  VMInsight 

Vendor  Onaro 

www.onaro.com 

Price  $75,000  for  the  first  10TB,  S250/TB  thereafter 

Pros  Provides  comprehensive  VM  storage-area-net¬ 


work  management;  outstanding  GUI. 
Cons  VMware-specific;  lacks  iSCSI  support. 
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Reflex  IPS  adds  security  to  your  VM  lifestyle 


ReflexTechnologies’  Command  Center  is  itself  a  virtual 
machine  that  sits  on  VMware's  ESX  server  and  acts  as  an  intru¬ 
sion-prevention  system,  watching  connectivity  activity  between 
other  VMs  and  the  virtual  network  interface  provided  by  VMware. 

RCC  watches  traffic  flow  between  physical  and  virtual  network 
interfaces,  and  monitors  and  filters  traffic  based  on  a  rules  set  of 
known  hacks,  cracks  and  odd  behaviors  between  hosts. 

RCC  is  a  nervous  beast  that  mischaracterized  in  our  tests  traf¬ 
fic  only  occasionally.  Amusingly,  it  misidentified  traffic  coming 
from  Virtugo  Technologies’  virtualSuite  (a  competing  VM  man¬ 
agement  product)  as  indicative  of  an  instance  of  eDonkey. 
Otherwise  it  was  highly  accurate. 

This  product  is  stunningly  simple  to  use.  Installation  takes  sec¬ 
onds.  Two  modes  are  available:  an  inline  mode  that  rests  between 
VM-host  instances  and  the  virtual  network  cards  in  a  VMware 
host  server,  and  a  bridged  mode  that  listens  to  traffic  mirrored 
from  the  interface.The  inline  mode  can  filter  traffic  based  on 
default  or  administrator-modified  packet-filtration  rules,  while 
the  bridged  mode  is  a  listen-only  setup. 

We  used  both  modes,  first  as  a  filtered  connection,  then  as  a 
filtered-and-bridged  connection  so  that  we  could  monitor  one 
host  while  filtering  and  monitoring  the  other  one.  Each  VMware 
hardware  host  server  had  four  to  six  VMs  running  on  it.  We  used 
Microsoft's  Internet  Information  Server  6  and  Apache  as  sample 
applications  on  each  server  instance. 

Once  the  RCC  VM  instance  is  alive,  it  immediately  starts  evalu¬ 
ating  packets  (or  filtering,  if  that’s  what  you’ve  chosen  to  do)  and 
relationships  between  VM  instances  and  the  rest  of  the  connect¬ 
ed  world.  Sensors  on  multiple  VMware  hosts  can  be  set  up  and 
linked  to  a  single  RCC  console. 

RCC  then  categorizes  the  intrusion  profile  information  it’s  eval¬ 
uated  into  low-,  medium-  and  high-concern  categories  (shown  in 
a  3D  bar  graph  as  yellow,  orange  and  red)  when  it  sees  a  problem 
not  in  line  with  its  rule  set. 

For  example,  we  probed  Server  Message  Block  ports  on  each 
server,  an  action  that  correctly  triggered  signature  messages  of 
several  attack  types.  Additionally,  we  had  one  server  pound  the 
DNS  ports  of  another  hosted  server  to  trigger  the  identification 


of  a  User  Datagram  Protocol  (UDP)  flood  attack. 

It’s  also  possible  to  set  custom  policies,  and  the  one  we  found 
most  interesting  was  an  alert-and-deny  policy  for  packet  flooding 
that  fits  the  profile  of  denial-of-service  (DoS)  attack.  SYN, 
Fragment,  UDP, TCP  and  Internet  Control  Messaging  Protocol 
flooding  can  be  detected  and  automatically  denied  or  otherwise 
spawn  a  high-concern  alert.  Alas,  the  distributed  DoS  attacks  we 
tried  could  not  be  filtered  (we  used  more  than  10,000  unique  IP 
addresses  in  our  attack). 

Each  host  can  then  be  tuned  for  a  detection-sensitivity  level 
(corresponding  to  the  number  of  packets  flooded)  before  the  fil¬ 
ter  turns  on  for  each  packet  type.  You  can  select  a  single  host  or 
a  24-IP-address  range  of  VM  hosts  to  be  protected  in  this  way. 

We  tried  to  turn  sensitivity  to  its  highest  level  for  our  distributed 
DoS  attack,  but  RCC  failed  to  keep  up  with  the  floods.  It  simply 
started  halting  traffic,  slowing  packets  flowing  through  the  RCC 
link  between  the  virtual  network  card  in  the  VMware  host  and  its 
targeted/attacked  server  until  the  attack  was  over. 

The  rules  set  can  be  modified  by  protocol  type  using  RCC’s 
ProtoEval  tool.  Like  the  flood  evaluation,  RCC  looks  at  packets 
for  conformity,  enabling  either  alerts  or  automatic  filters  to  be 
applied  when  it  “sees”  malformed  packets.  Administrators  can 
also  define  RCC  topology  constraints,  meaning  the  ability  for 
RCC  to  include  or  exclude  traffic  from  specific  addresses  when  it 
evaluates  traffic. 

RCC  can  send  SNMP  traps  to  a  larger  reporting  system  and  e- 
mail  alerts  to  designated  IT  staff.  Administrators  can  rate-limit 
the  number  of  e-mails  per  alert  to  prevent  a  million  repetitive 
messages.  Antivirus  and  spyware  detection  also  can  be  enabled, 
but  this  wasn’t  tested. 

What  we  love  about  RCC  is  that  it’s  configurable  (including  new 
attack  signature  updates),  and  has  a  sophisticated  but  rapidly 
discernible  user  interface  that’s  easy  to  understand,  although  it 
does  tend  to  lean  toward  listing  too  many  alerts  rather  than 
missing  one.  We  saw  only  small  amounts  of  latency  under  very 
high  traffic  loads  to  numerous  servers.  As  a  virtual  appliance,  it 
takes  up  only  virtual  room,  but  it’s  an  important  consideration  for 
any  virtual  network. 
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I  CLEAR  CHOICE  TEST 


VIRTUAL  MACHINE 


MANAGEMENT 


Virtuozzo  containers  give  apps  room 
to  play  safely  on  the  same  server 


Virtuozzo,  from  Parallels  (formerly  SWSoft),  gives  every  application  its 
own  sandbox  to  play  in. 

Virtuozzo  4.0  is  a  virtual-machine  hosting  platform  that  provides  appli¬ 
cation-partitioning  services.These  Virtual  Environments  operate  in  a  way 
that’s  similar  to  the  way  RedHat’s  SELinux  and  Sun’s  Containers  provide 
operating-system-instance  isolation  for  applications. 

Virtuozzo  4.0  (we  tested  the  final  RC  version)  hosts  a  single  operating 
system  —  either  Windows  or  Linux;  we  tested  it  on  machines  running 
Windows  XP  SP2,  Windows  2003  Server  Standard  Edition  and  CentOS4 
—  then  creates  independent  virtual-environment  instances  that  can  be 
set  up  to  run  designated  applications  temporarily  permanently  or  on  an 
as-needed  basis.The 'Virtual  Environments  (depending  on  the  operating- 
system  host  used)  have  separate  administrative  controls,  registry 
instances,  domain  users  and  Active  Directory  instances;  and  can  run 
processes  or  applications  with  unique  or  shared  files. 

Virtuozzo’s  Virtual  Environments  are  superficially  similar  to  Microsoft 
Terminal  Services  or  Citrix  Systems  Metaframe  sessions,  but  provide 
instance  controls  that  are  more  closely  related  to  the  application  isola¬ 
tion  provided  through  Red  Hat’s  SELinux  session  and  user  system  file 
and  permissions  controls. 

The  applications  are  captive  to  the  specific  host  kernel,  meaning 
that  a  hardware  server  platform  offers  only  the  host  operating-system 
instance,  rather  than  a  number  of  hosted  operating-system 
instances. This  fits  the  common  profile  of  other  VM  products,  which 
usually  have  varieties  of  operating  systems  running  beside  each 
other  atop  a  hypervisor  or  paravirtualized  host-VM  management 
kernel.  (See“VM  primer,”  www.nwdocfinder.com/3625). Virtuozzo  is 
therefore  a  hybrid  of  sophisticated  VM  hosts  and  application- 
instance  hosting  environments. 

All  the  user-  and  application-provisioning  controls  needed  are  easily 
found  within  the  product’s  excellent  Virtuozzo  Control  Center  (VZCC) 
GUI,  or  its  remote-access  alternative, Virtuozzo  Management  Console. 

VZCC  provides  strong  and  clear  control  for  the  Virtual  Environments; 
makes  Virtuozzo  approachable  by  several  technical  levels  of  adminis¬ 
trators,  from  systems  engineers  to  savvy  users;  and  carefully  controls  user 
Virtual  Environments  administrative  behavior.This  degree  of  control  isn’t 
usually  available  in  virtualization  environments,  although  Microsoft’s 
Virtual  Manager  System  Center  proposes  this  capability  in  the  betas 
we’ve  seen  of  Microsoft’s  upcoming  virtual  services  for  Windows  2008 
Server  editions. 

Users  can  be  provisioned  access  to  a  subset  of  features  tailored  to  their 
needs,  which  they  access  through  an  interface  called  the  Virtuozzo 
Power  Panel  (VZPP).The  VZPP  lets  administratively  delegated  users  start 
and  stop  their  own  sessions  of  Virtual  Environments;  as  well  as  control 
backups  and  restorations,  monitor  session  resource  use,  and  connect  to 
Virtual  Environments  through  a  remote  desktop  connection  and  a 
browser  link. This  permits  very  easy  and  approachable  access  by  users 
who  desire  their  own  remote  session. 

Virtuozzo  comes  in  a  32-bit  version,  as  well  as  two  64-bit  versions:  one 
for  AMD  or  Intel  64-bit  CPUs,  such  as  Athlon,  Opteron  and  EM64T-Intel, 
and  one  strictly  for  the  Intel  Itanium.  We  tested  the  32-  and  64-bit 
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■  Henderson  is  a  member  of  the  Network  World  Lab  Alliance,  a 
cooperative  of  the  premier  testers  in  the  network  industry,  each 
bringing  to  bear  years  of  practical  experience  on  every  test.  For 
more  Lab  Alliance  information,  including  what  it  takes  to  become 
a  partner,  go  to  www.networkworld.com/alliance. 
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Product  Virtuozzo  4.0 

Vendor  Parallels 

www.parallels.com/ 

Price  $2,500 

Pros  Astute  application-instance  concurrency;  great 
session-behavior  controls;  easy  access  for  soft- 
ware-as-a-service  profiles. 

Cons  May  present  licensing  problems;  streaming 
graphics  slow  performance. 


AMD/Intel  versions.  Virtuozzo’s  application  comes  in  an  enterprise  ver¬ 
sion,  as  well  as  a  version  for  server-hosting  organizations. 

Installation  for  all  versions  of  Virtuozzo  was  painless.  The  host  operat¬ 
ing  system  for  the  physical  server  was  installed,  then  we  installed  a 
Virtuozzo  layer.  Virtuozzo  uses  templates  to  enable  the  optional  use  of 
common  files  among  hosted  applications,  and  therein  lies  Virtuozzo’s 
greatest  weakness.  Common  files  can  compromise  numerous  instances 
should  they  be  cracked. That  said,  if  the  server’s  shared  resource  appli¬ 
cations  are  secure,  the  Virtual  Environments  are  secure. 

We  used  several  simple  programs  to  attempt  to  tie  up  CPU  and 
disk  resources  to  view  Virtuozzo’s  ability  to  sequester  instance  ses¬ 
sions.  When  we  pegged  CPU  on  either  Linux  or  Windows,  the  con¬ 
trol  reaction  (diminishing  the  out-of-control  session  on  others) 
came  after  only  a  second  or  so  of  perceived  session  latency. 
Additional  attempts  either  to  tie  up  resources  (running  applications 
that  tried  to  grab  CPU  use  or  otherwise  blow  up  a  session)  didn’t 
have  a  discernible  effect  on  other  applications  running  on  the  host¬ 
ed  applications  we  used. 

We  installed  Microsoft  Office  on  our  Windows  installation,  and  were 
able  to  spawn  28  Virtual  Environment  sessions  using  the  prototype  of  a 
document,  with  Microsoft  Word,  before  no  more  sessions  could  be 
opened.  Admittedly  the  28  sessions  were  somewhat  slow,  partially  as  a 
result  of  the  viewing  mechanism  (Microsoft’s  Remote  Desktop 
Protocol),  and  partly  because  the  server  was  managing  a  lot  of  work.  By 
contrast,  CentOS  Linux  was  able  to  host  41  Virtual  Environment 
OpenOffice  Writer  sessions  before  those  sessions  crawled  to  a  halt  on 
the  same  hardware. 

Copious  research  must  be  done  by  potential  users  of  Virtuozzo, 
because  some  application  licenses  are  for  a  single  CPU,  while  others  are 
for  a  number  of  sessions  or  users.Your  value  from  licensing,  and  the  odd 
imbalance  of  possible  application  instances  on  a  single  operating  sys¬ 
tem,  will  vary 

The  Virtuozzo  sandboxing  approach  to  Linux-  and  Windows-appli- 
cation  instantiation  lends  itself  handily  to  application  session-host¬ 
ing.  With  the  PowerPanel,  users  can  get  in,  do  work  and  get  out  in 
an  understandable  way.  Virtuozzo’s  masterful  VZCC  interface  was 
very  powerful  and  approachable,  as  was  the  company’s  Adobe 
Flash-based  tutorial  and  help  system.  Virtuozzo’s  methodology  for 
software-as-a-service  may  help  circumvent  the  overhead  associated 
with  more  sophisticated  VM  instances  handily.  Perhaps  the  success 
of  Virtuozzo  is  another  reason  that  Citrix  purchased  XenSource, 
because  Virtuozzo  is  poised  to  make  terminal  services  less  terminal 
and  more  service.  ■ 
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RELAX.  YOU’RE  IN  CONTROL  NOW 

Manage  remote  offices  from  wherever  you  are. 

Secure  your  Data  Center.  No  software  licensing  fees. 
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UJtraUnk™  - 
Digital  KVM  IP 


State  of  the  art  security 

Dependable,  Powerful,  Secure,  Guaranteed 

24/7  Mission  Critical  Reliability 

Industry  ISest  Video 

USB,  PS/2,  Serial  Support 

Single,  Dual,  Quad  Models 


Digital  KVM  IP 
Switches 

Swkch  &  control  l,OOOs 
of  computers  &  network 
devices  over  IP 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 
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Multi- platform 
KVM  switches 

Switch  &  control  1,0 OOs  of 
computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


KVM  Extenders 

Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

fiber,  CATx 
DV1,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


KVM  Rack  Drawers  Panel  Mount  LCD 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U,  VGA,  DVI 
15',  17',  19' or  20" 
PS/2,  USB,  or  Sun 
Touchpad  or  TrackbaR 


Mounts  vertically  in  a 
standard  19’  rack. 


15'  17’,  19",  20',  or  23' 

VGA,  DVI,  S-Video 
Optional  Touchscreen 
Optional  Built-in  KVM  Extenders 


ROSE  US 
ROSE  EUROPE 
ROSE  ASIA 
ROSE  AUSTRALIA 


281  933  7673 
+49  0  2454  969442 
+65  6324  2322 
+617  3388  1540 


800-333-9343 
WWW. RQSE.COM 
SALE5@RQSE.COM 

ROSE  ELECTRONICS  10707  STANCUFF  ROAD  -  HOUSTON,  TEXAS  77099 
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j  vmvw, nefequallzer.com 

Let  the  Model  135 
Monitor  Your  Site 


The  Model  135  Site  Monitor  is  designed  to  serve  as  your 
"resource  kit”  for  monitoring  and  maintaining  computer, 
communications,  and  specialized  equipment  locations. 
With  a  wide  range  of  built-in  capabilities,  it’s  easy  to 
tailor  a  powerful  site-specific  solution. 

Highlights  include  10/100  Ethernet  and  analog  modem 
connectivity,  serial  port  access  and  text  data  "matching,” 
AC  and  DC  voltage  monitoring,  ping  testing,  and  contact 
closure  inputs  and  outputs.  And  the  web-based  interface 
makes  setup  and  use  a  straight-forward  process. 

For  complete  details  on  the  Model  135,  give  us  a  call 
or  visit  www.gkinc.com. 


Gordon  Kapes,  Inc. 

Skokie,  IL  USA  |  Ph  847-676-1750  |  www.gkinc.com 


GET  YOUR  NEW  GEIST 


INTELLIGENT  POWER  DISTRIBUTION 
ONITORING  SYSTEMS  CATALOG 

''219 


Efficiently  aggregate  full-duplex  data  into 
your  analysis  or  security  device. 


•Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 

Learn  more.  Visit  www.networkTAPs.com. 


Buffer  options: 

256  MB . $1,495 

512  MB . $1,995 


liTAP 


TM 


Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical /?TAPs  for  full-duplex  analyzer  systems. 
Free  overnight  delivery* 

www.networkTAPs.com  •  1-866-GET-nTAP 
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x  "  ‘Free  overnight  delivery  on  all  U  S.  orders  over  $295  confirmed  before  12  p.m.  Central  Time. 
©  2007  Network  Instruments,  LLC.  nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LlC. 


NETCLARITY 

PREEMPTIVE,  PROACTIVE  PROTECTION 


INTRODUCING  EASYNAC  MICRO 

World’s  Smallest,  Most  Powerful  NAC  Appliance 
Non-invasive,  Non-inline,  Nearly  Invisible  on  the  LAN 
CLIENTLESS  -  AGENTLESS  -  NETWORK  ACCESS  CONTROL 


TOLL  FREE:  1-800-874-2133  www.netclarity.net 

WILL  THIS  HAND-HELD  APPLIANCE 
REVOLUTIONIZE  NAC? 


DON'T  TAKE  IT  FROM  US, 
TAKE  IT  FROM  THEM: 


RSACONFERENCE2007 

TOP  3  INNOVATORS 


Kurzweil  Technologies  Inc. 
seeks  Computer  Systems  Analyst, 
Wellesley  Hills,  MA. 

Oversee  all  tech,  AI  modules,  A/V 
ops,  &  more  for  KTI  &  5  affiliates. 
Troubleshoot  SW,  site  crashes,  do  upgrades, 
develop/maintain  system.  FT/40  hrs. 
Resume  to  denise@kurzweiltech.com. 


2inf08  MARKFTPI  AOF 


NEWS  ANALYSIS 


Enterasys  looks  for  acquisitions 

Targeting  security,  wireless  to  reach  $1  billion  in  revenue 


BY  JIM  DUFFY 

Enterasys  is  looking  to  make  one  or  two 
acquisitions  this  year  in  an  ambitious  effort  to 
increase  revenue  to  $1  billion  —  it  isn’t  close 
today  —  by  expanding  the  company’s  pres¬ 
ence  in  security  and  wireless. 

The  LAN  switching  vendor  also  is  lining  up 
partnerships  with  VoIP  companies  and 
expanding  its  security  portfolio  to  include  fire¬ 
walls  and  VPNs  in  an  effort  to  tap  ancillary 
markets, company  officials  said  in  an  interview 
last  week. 

Currently  controlling  less  than  1.5%  of  the 
$18  billion  Ethernet  switching  market, 
Enterasys  is  hoping  to  reverse  a  multiyear  trend 
that  has  seen  its  share  slide  from  1.8%  in  2004 
to  1.3%  in  the  third  quarter  of  2007,  according 
to  Dell’Oro  Group.  Acquiring  another  vendor 
might  do  that  as  well  as  make  Enterasys  better 
able  to  compete  in  a  market  that  just  got  more 
competitive  with  the  entrance  of  Juniper 
Networks  two  weeks  ago  but  is  still  dominated 
by  Cisco. 

“We  are  going  to  acquire  this  year,”  says 
Mike  Fabiaschi,  Enterasys  president  and  CEO. 
“We’ve  always  said  from  the  beginning  and 
the  market  has  always  said  a  clear  alternative 
to  Cisco  would  make  sense.  We  think  that  the 
next  player  that  can  get  close  to  $1  billion 
will  start  to  emerge  as  a  clear  No.  2.  We ’re  real¬ 
ly  going  to  try  to  make  something  happen  in 
2008  to  that  end.” 

Privately  held  Enterasys  does  not  disclose 
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revenue  figures,  but  they  are  believed  to  be 
about  $250  million.  Fabiaschi  says  the  compa¬ 
ny  is  profitable  and  cash  flow  positive,  and  that 
revenue  is  growing. 

Fabiaschi  says  Enterasys  will  look  to  make 
strategic  acquisitions  in  security  or  wireless. 
Enterasys  currently  has  an  OEM  relationship 
with  Trapeze  Networks  for  WLAN  equipment, 
and  is  reported  to  be  sizing  up  Bluesocket. 

In  security  analysts  have  said  Enterasys  needs 
to  extend  into  firewalls  or  SSL  VPNs  to  augment 
its  line  of  security-enabled  switches. 

Enterasys  also  is  looking  to  acquire  in  order 
to  grow  and  scale  the  company  to  better  com¬ 
pete  for  the  next  wave  of  enterprise  buying. 

“In  the  next  three  to  four  years  there’s  going 
to  be  a  lot  of  refresh, a  lot  of  bu>f  Fabiaschi  says. 
“Companies  are  going  to  look  to  consolidate 
before  a  lot  of  that  happens  in  order  to  bulk  up 
and  be  ready  for  it.  2008  has  all  the  right  feel¬ 
ings  that  it  is  going  to  be  a  year  of  consolida¬ 
tion.” 

Juniper  says  it  is  No.  2 

A  new  buying  cycle  is  not  the  only  impetus 
for  consolidation  in  enterprise  switching  — 
Juniper’s  entry  into  the  market  will  force  com¬ 
panies  to  try  to  bulk  up  to  compete  with  anoth¬ 
er  multibillion  dollar  player,  Fabiaschi  says. 

Juniper  believes  its  entry  will  dramatically 
change  the  market.  CEO  Scott  Kriens  recently 
stated  that  a  mature  market  like  enterprise 
switching  can’t  support  more  than  two  players, 
adding  that  Juniper  is  now  that  second  horse 
in  the  race 

Enterasys  is  not  ready  to  concede  that. 

“It  does  seem  like  the  No.  2  and  3  providers  in 
this  space  right  now  are  probably  doing  $600 
to  $700  million  [in  revenue] "  Fabiaschi  says. 
“We  are  far  away  from  $1  billion.lt  will  take  one 
or  two  of  the  right  acquisitions  that  we  could 
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get  real  close  to  that.” 

Analysts  say  acquisition  is  a  good  way  for 
Enterasys  to  go  in  order  to  grow. 

“There’s  a  couple  of  companies  out  there  in 
the  WLAN  space  that  are  seemingly  for  sale,” 
says  Steve  Schuchart  of  Current  Analysis. 
“There’s  certainly  opportunities  for  them  to 
acquire  an  existing  customer  base  and  to  grow 
their  company  via  acquisition.” 

Schuchart  adds  that  firewalls  and  VPNs  are 
gaps  in  the  Enterasys  product  line  that  the 
company  needs  to  fill  “to  be  a  complete  play¬ 
er.”  Enterasys  plans  to  move  on  that  front 
through  internal  development  and  external 
partnership,  says  Chris  Crowell,  Enterasys  exec¬ 
utive  vice  president  of  R&D. 

Enterasys  is  also  looking  to  strengthen  its 
partnerships  in  VoIRa  market  where  the  com¬ 
pany  is  a  virtual  non-entity. The  company  plans 
to  announce  partnerships  with  three  “top-tier 
VoIP  players  in  the  world”  this  year,  Fabiaschi 
says,  one  of  which  could  be  a  linkage  with 
ShoreTel  this  week. 

“We’ve  made  a  conscious  decision  not  to  get 
into  VoIP’  Fabiaschi  says.  “We  think  that  we’d 
rather  be  a  Switzerland  —  we  support  all  the 
players  who  provide  VoIP  but  I  think  we’d  end 
up  being  a  No.  13  or  14  player  in  a  very  crowd¬ 
ed  market.” 

Enterasys  would  rather  provide  the  secure 
infrastructure  that  recognizes  and  prioritizes 
voice  traffic  instead  of  a  VoIP  equipment 
provider,  he  says. 

The  partnerships  will  not  preclude  Enterasys 
from  supporting  VoIP  vendors  it  does  not  have 
a  close  relationship  with,  Fabiaschi  stresses. 

“We  will  still  support  Cisco,  Avaya,  Nortel, 
Alcatel,  Siemens,”  he  says.  “The  handset 
provider  that  you  buy  today  may  not  be  the 
handset  provider  that  you  buy  tomorrow.  We’ll 
never  say  to  somebody  that  you  don’t  want 
Enterasys  because  you  chose  this  voice 
provider  or  that  voice  provider. Voice  is  going  to 
turn  out  to  be  just  another  application  within 
another  two  years.When  that  happens  I  want  to 
make  sure  that  our  customers  realize  they  can 
stay  with  us.”B 


IT  Buyer’s  Guides 

Compare  products  and  get  up-to- 
date  buying  tips,  market  trends,  best 
practices,  tech  primers  and  more  on 
dozens  of  networking  topics  at: 

www.networkworld.com/buyepsguides 
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Complex  software?  Plan  to  fail! 


ijust  got  some  feedback  from  reader 
Stephanie  Bice,  the  regional  manager  of 
Digital  Warehouse,  about  my  recent 
Gearhead  column  (see  www.nwdocfinder. 
com/386 l)concerning  my  adventures  with 
Network  Solutions’  e-commerce  offerings. 

She  wrote:  “I  am  stuck  in  a  similar  situation 
with  an  accounting/software  package  my  com¬ 
pany  purchased  last  year. Your  statement  that  ‘the 
sheer  enormity  of  the  product  means  you  can’t  find  all  of  the  serious 
gotchas  until  you  are  deeply  committed  to  using  the  product’  struck  a 
cord  with  me,  as  that  is  exactly  what  happened  in  my  situation.  And 
with  the  almost  $100K  price  tag  I  paid,  not  to  mention  more  than  $50K 
in  support  (if  you  even  want  to  call  it  that),  I  feel  a  bit  ripped  off.” 

1  think  that  using  the  phrase  “I  feel  a  bit  ripped  off”  when  $150K  is 
involved  qualifies  as  a  serious  understatement.  I  talked  with  Bice,  and 
it  turns  out  her  tale  is  another  good  example  of  a  dirty  little  industry 
secret  (see  www.nwdocfinder.com/3862)  —  in  this  case,  the  fact  that 
when  you  implement  complex  software  there’s  a  high  probability  you 
won’t  be  happy  with  the  result. 

Digital  Warehouse’s  problems  started  when  a  consultant  recom¬ 
mended  Sage  Software’s  ERP  product  and  Sage,  in  turn,  recom¬ 
mended  a  reseller  to  work  with.  After  an  expensive  needs  analysis, 
the  reseller  recommended  Sage  MAS  500  ERP 
Much  of  this  happened  before  Bice  arrived  at  Digital  Warehouse  but 
she,  of  course,  wound  up  dealing  with  the  mess  that  resulted.  Bice’s 
biggest  complaint  is  that  the  system  doesn’t  match  the  company’s 
needs,  and  even  simple  operations  require  far  more  effort  than  is  rea¬ 
sonable.  In  short,  she  reckons  the  company  was  seriously  oversold. 

The  harder-nosed  among  you  might  be  muttering  “caveat  emptor’’ 


but  let’s  consider  what  it  means  for  a  small  company  to  implement 
something  as  complex  as  a  new  accounting  system.  First  of  all,  there’s 
the  issue  that,  while  the  client  knows  what  its  business  needs  are  and 
can  inspect  potential  solutions  to  see  if  there’s  a  good  match,  the  real¬ 
ity  is  that  the  devil  is  in  the  details. 

It’s  never  the  big  stuff  that  gets  you,  it’s  the  little  stuff  —  the  lack  of  a 
report  you  need,  the  absence  of  an  export  or  import  format,  the  lack 
of  options  for  handling  just  one  detail  of  workflow  —  those  are  the 
things  you  don’t  know  about  because  they  are  buried  so  deep. 

So,  a  wise  company,  such  as  Digital  Warehouse,  hedges  its  bet  and 
retains  experts  to  bridge  the  product-knowledge  gap  and  identify  the 
potential  problems.  And  who  knows  the  product  best?  According  to 
most  vendors,  it’s  the  resellers  they  recommend,  but  of  course  the 
resellers  want  to  maximize  their  revenue,  which  creates  something  of 
a  conflict  of  interest. 

If  things  don’t  work  out  as  planned,  what  does  the  client  do?  It  first 
looks  for  support  from  the  reseller.  When  that  relationship  goes  sour,  as 
it  did  between  Digital  Warehouse  and  the  reseller  (Digital  Warehouse 
believes  it  was  overcharged  and  under-served),  what  is  the  software 
vendor’s  responsibility?  In  this  case,  it  appears  that  Sage  has  little  inter¬ 
est  in  ensuring  happy  customers.  Bice  tells  me  that  so  far  Sage  has 
ignored  Digital  Warehouse’s  appeals  for  help. 

The  worst  part  of  this  is  that  Digital  Warehouse’s  experiences  aren’t 
unique.  Every  day  some  company  finds  it  has  been  oversold.  I’ve  read 
that  80%  of  all  ERP  implementations  fail  or  deliver  inadequate  value. 
Perhaps  the  only  strategy  when  it  comes  to  complex  software  is  to 
assume  the  worst  and  plan  for  failure.  Does  that  count  as  a  strategy? 

Gibbs  strategies  in  Ventura,  Calif.  Tell  your  tactics  to  backspin@gibbs 
.com. 


BACKSPIN 


Mark  Gibbs 


EFF’s  Patent  Busting  Project  in  danger 

T 


■he  Electronic  Frontier  Foundation’s  suc¬ 
cessful  Patent  Busting  Project  may  itself  be 
busted  by  language  in  “reform”  legislation 
pending  before  the  U.S.  Senate. 

This  “reform,”  as  it  stands,  instead  will  protect 
frivolous  patents  from  the  EFF  and  similar 
NET BUZZ  watchdogs  by  limiting  to  one  year  from  a 


News,  Insights,  oddities 


patent’s  granting  the  time  in  which  it  could  be 
challenged  by  anyone  other  than  those  suffer- 
ing  direct  financial  harm. 

The  head  of  the  EFF  project,  patent  attorney  Emily  Berger,  tells  me: 
“While  we  generally  support  patent  reform,  a  bill  that  does  not  allow 
us  to  continue  to  file  third-party  reexamination  requests  would  dimin¬ 
ish  the  quality  of  existing  patents  and  offer  more  opportunity  to  abuse 
the  patent  system. This  is  contrary  to  the  goals  of  the  bill.” 

EFF  last  week  sent  letters  of  protest  to  the  ranking  members  of  the 
Senate  Judiciary  Committee, Sen.  Patrick  Leahy  (D-Vt.),and  Sen.Arlen 
Specter  (R-Pa.).  Wrote  Berger  on  the  EFF  blog:“Today  EFF  submitted  a 
letter  to  Senators  Leahy  and  Specter  calling  their  attention  to  a  por¬ 
tion  of  the  Draft  Judiciary  Committee  Report  of  the  Patent  Reform  Act 
of  2007  which  has  the  potential  to  kill  EFF’s  Patent  Busting  Project.” 

“The  public  has  a  right  to  defend  itself  against  patents  that  should 
never  have  been  granted,  and  organizations  like  EFF  exist  to  assist  in 
this  process,”  Berger  wrote.“Reexamination  proceedings  are  essential 
for  us  to  continue  this  work.” 

By  late  last  week,  Leahy’s  office  had  not  replied  to  the  letter  or  my 
own  requests  for  comment.  (1  opted  not  to  contact  Specter’s  office 
because  I  didn’t  want  to  distract  the  senator  or  his  staff  from  the  impor¬ 
tant  work  of  policing  National  Football  League  rules  enforcement.) 

The  Patent  Busting  Project  has  notched  a  string  of  victories.  Last  year, 
the  project  succeeded  in  convincing  the  U.S.  Patent  and  Trademark 


Office  (PTO)  to  revoke  a  patent  held  by  Clear  Channel  Commun¬ 
ications  that  covered  a  system  for  recording  and  distributing  live  musi¬ 
cal  performances.  In  December,  it  was  the  distance-learning  site 
Test.com  wilting  under  the  patent-busting  heat,  as  the  PTO  rejected  all 
16  claims  on  which  its  patent  rests. 

Everyone  complains  about  frivolous  patents.  The  EFF  is  doing  some¬ 
thing  about  them.  It  would  be  a  shame  if  that  effort  were  to  end. 

E-mail  gaffe  leads  to  billion-dollar  news  leak 

A  simple  e-mail  slip-up  is  all  we’re  talking  about,  the  kind  any  one  of 
us  could  make  at  any  time:  A  Philadelphia  lawyer  addresses  his  elec¬ 
tronic  missive  to  an  Alex  Berenson  instead  of  Bradford  Berenson. 

What  happens  next,  however,  is  anything  but  routine  —  it’s  front¬ 
page  news  in  The  New  York  Times.That’s  because  Alex  Berenson  hap¬ 
pens  to  be  a  reporter  for  the  Times  (Bradford  is  a  colleague  of  the 
sender),  and  the  e-mail  happens  to  concern  settlement  talks  between 
the  U.S.  government  and  pharmaceutical  giant  Eli  Lilly  that  include 
the  proposed  sum  of  $1  billion. 

Writes  Portfolio.com,  which  broke  the  story  behind  the  story:  “Eli 
Lilly  had  every  reason  to  want  to  keep  the  talks  [over  marketing  prac¬ 
tices]  under  wraps.  It  was  paying  a  fancy  law  firm  a  small  fortune  to 
negotiate  deftly  and  quietly” 

While  not  an  everyday  occurrence, you’d  be  surprised  how  often 
stories  of  this  nature  —  if  not  this  magnitude  —  simply  pop  into  the 
in-boxes  of  ever-grateful  news  reporters.  It  has  happened  here  at 
Network  World  on  a  number  of  occasions. 

Portfolio.com  reached  Times  reporter  Berenson,  who  said,  “I  can’t 
say  anything.  I  just  can’t.” 

But  can’t  you  see  the  smirk  on  his  face? 

Send  all  confidential  documents  to  buzz@nww.com. 
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ONE  BOX.  NO  HASSLES. 


SIMPLIFY  AND  MANAGE  YOUR  I.T.WITH  A  SINGLE  CHASSIS. 


OR  $119/MONTH  FOR  36  MONTHS' 

Introducing  IBM  BladeCenter  S  Express.  Now  you  can 
combine  Quad-Core  Intel®  Xeon®  processor-based 
blade  servers,  storage,  switches  and  management  tools 
in  one  small  chassis.  It’s  easy  to  set  up.  Easy  to  use. 
Easy  to  manage.  It’s  a  simple  way  to  simplify  your  IT. 

From  the  people  and  Business  Partners  of  IBM: 

It’s  innovation  made  easy. 


PN: 8886E1 U _ 

Up  to  six  application  blades  with  the  ability  to  expand  to  multiple 
virtual  blades 

Integrated  storage  built  into  the  chassis  -  3.6TB  SAS  or  6TB  SATA 
3-year  customer  replaceable  unit  and  on-site  limited  warranty2 


IBM  BladeCenter  S  Express 
$4,499  (SAVE  $493) 


Xeon 

inside 

Powerful. 

Efficient. 


IBM  BLADECENTER  HS21  EXPRESS 

$2,359  (SAVE  $249) 

OR  S62/MONTH  FOR  36  MONTHS’ 

PIXk  8853E1U 

Features  up  to  two  high-performance  Dual-Core  or  Quad-Core  Intel 
Xeon  Processors 

1GB  standard/16GB  maximum  memory  per  blade  (32GB  with  Memory  and 
I/O  Expansion  Unit) 

3-year  customer  replaceable  unit  and  on-site  limited  warranty2 


IBM  SYSTEM  STORAGE  DS3300  EXPRESS 

$4,545  (SAVE  $450) 

OR  $1 20/MONTH  FOR  36  MONTHS' 

PN: 172631 E _ 

Support  for  dual-port  and  hot-swappable  SAS  disks  at  10,000  and  15,000 
RPM  speeds 

Expandable  by  attaching  up  to  three  EXP3000S  or  a  total  of  48  hard  disk  drives 
3-year  limited  warranty  on  parts  and  labor2 


IBM  Express  “Bundle  and  Save” 

= - express 

We  bundle  our  Express  systems  to  give  you  the 
accessories  you  need  -  while  saving  you  money  on 
the  hardware  you  want.  Act  now.  Available  now  through 

=  -  -  =r=  advantage™ 

ibm.com/systems/onebox 

ibm.com  and  IBM  Business  Partners. 

1  866-872-3902  (mention  6N8AH01A) 

1  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  tfie  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly  payments  provided  are  for  planning  purposes 
only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  offer  provided  is  based  on  an  FMV  lease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice 
2.  IBM  hardware  products  are  manufactured  from  new  parts,  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  ol  applicable  product  warranties,  visit  ibm.com/servers/support/machine_warranties  or  write  to:  Warranty 
Information,  PO.  Box  12195,  RTP,  NC  27709,  Attn.  Dept.  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services,  including  those  designated  as  ServerProven*  or  ClusterProven*  Telephone  suppod  may  be  subject  to 
additional  charges.  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components.  Optional  same-day  service  response  is  available  on  select  systems 
at  an  additional  charge  IBM,  the  IBM  logo.  IBM  Express  Advantage,  IBM  BladeCenter.  System  x  and  System  Storage  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries 
For  a  complete  list  of  IBM  trademarks,  see  ibm.com/legai/copytrade.shtml.  Intel  and  Xeon  are  registered  trademarks  of  Intel  Corporation.  All  other  products  may  be  trademarks  or  registered  trademarks  of  their  respective  companies.  All  prices  and 
savings  estimates  are  based  upon  IBM’s  estimated  retail  selling  prices  as  of  August  1. 2007.  Prices  and  actual  savings  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  and  actual  savings  to  end  users  may  vary 
Products  are  subject  to  availability.  This  document  was  developed  for  offerings  in  the  United  States.  IBM  may  not  offer  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  Prices  are  subject  to  change  without  notice 
Starting  price  may  not  include  a  hard  drive,  operating  system  or  other  features.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geographic  area.  ©2008  IBM  Corporation.  All  rights  reserved. 


It  all  begins  with  a  single  view  of  your  entire  IT  portfolio  — a  scenic  overlook  of  your  assets,  resources,  projects  and 
services.  From  there,  you  can  plan  better,  manage  better.  You  can  make  informed  decisions,  smart  trade-offs  and 
wise  investments.  In  short,  you  can  budget,  forecast  and  track  with  insight,  accuracy  and  verve.  Yes,  verve.  And 
that's  everything  you  need  to  translate  IT  value  into  terms  that  bring  nods  of  enlightenment  from  your  business 
partners.  To  learn  more,  download  the  white  paper  "Generating  Premium  Returns  on  Your  IT  Investments"  at  ca.com/itg. 
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